RubyGems - ragweed - Versions diffs - 0.1.7.3 → 0.2.0.pre1 - Mend

ragweed 0.1.7.3 → 0.2.0.pre1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

data/README.rdoc +33 -8
data/Rakefile +80 -23
data/VERSION +1 -0
data/examples/hittracertux.rb +2 -6
data/examples/hook_notepad.rb +1 -1
data/examples/tux-example.rb +3 -2
data/lib/.DS_Store +0 -0
data/lib/ragweed/debugger32.rb +188 -145
data/lib/ragweed/debuggerosx.rb +13 -13
data/lib/ragweed/debuggertux.rb +267 -140
data/lib/ragweed/rasm.rb +1 -1
data/lib/ragweed/wrap32/debugging.rb +184 -64
data/lib/ragweed/wrap32/hooks.rb +27 -11
data/lib/ragweed/wrap32/process.rb +114 -7
data/lib/ragweed/wrap32/process_token.rb +23 -7
data/lib/ragweed/wrap32/thread_context.rb +100 -166
data/lib/ragweed/wrap32/wrap32.rb +127 -72
data/lib/ragweed/wrap32.rb +1 -1
data/lib/ragweed/wraposx/constants.rb +1 -9
data/lib/ragweed/wraposx/region_info.rb +209 -188
data/lib/ragweed/wraposx/structs.rb +102 -0
data/lib/ragweed/wraposx/thread_context.rb +636 -159
data/lib/ragweed/wraposx/thread_info.rb +40 -107
data/lib/ragweed/wraposx/thread_info.rb.old +121 -0
data/lib/ragweed/wraposx/wraposx.rb +154 -231
data/lib/ragweed/wraposx.rb +2 -1
data/lib/ragweed/wraptux/constants.rb +46 -22
data/lib/ragweed/wraptux/struct_helpers.rb +25 -0
data/lib/ragweed/wraptux/threads.rb +0 -0
data/lib/ragweed/wraptux/wraptux.rb +58 -62
data/lib/ragweed/wraptux.rb +3 -4
data/lib/ragweed.rb +36 -8
data/ragweed.gemspec +85 -15
metadata +50 -18

data/lib/ragweed/wraposx/region_info.rb CHANGED Viewed

@@ -2,7 +2,8 @@ module Ragweed; end
 module Ragweed::Wraposx; end
 module Ragweed::Wraposx::Vm
   # these are flavor arguments for vm_region
-  # more to be added as support for 64bit processes gets added
+  # only basic info is supported by apple
+  REGION_BASIC_INFO_64 = 9
   REGION_BASIC_INFO = 10
   REGION_EXTENDED_INFO = 11
   REGION_TOP_INFO = 12
@@ -23,232 +24,252 @@ module Ragweed::Wraposx::Vm
   INHERIT_DEFAULT = 1     # VM_INHERIT_COPY
   INHERIT_LAST_VALID = 2  # VM_INHERIT_NONE
-  #define VM_REGION_BASIC_INFO_COUNT ((mach_msg_type_number_t) (sizeof(vm_region_basic_info_data_t)/sizeof(int)))
-  #define VM_REGION_EXTENDED_INFO_COUNT   ((mach_msg_type_number_t) (sizeof(vm_region_extended_info_data_t)/sizeof(int)))
-  #define VM_REGION_TOP_INFO_COUNT ((mach_msg_type_number_t) (sizeof(vm_region_top_info_data_t)/sizeof(int)))
-  FLAVORS = { REGION_BASIC_INFO => {:size => 30, :count => 8},
-      REGION_EXTENDED_INFO => {:size => 32, :count => 8},
-      REGION_TOP_INFO => {:size => 17,:count => 5}
-  }
   module Pflags
     READ = 0x1 #read permission
     WRITE = 0x2 #write permission
     EXECUTE = 0x4 #execute permission
   end
-end
-# Memory region info base class.
-#
-# to change slightly in 0.2.0+
-#
-class Ragweed::Wraposx::RegionInfo
-  def initialize(str=nil)
-    refresh(str) if str
+  # Memory region info base class.
+  #
+  class RegionInfo < FFI::Struct
+    include Ragweed::FFIStructInclude
+    attr_accessor :region_size
+    attr_accessor :base_address
   end
-  # (re)loads the data from str
-  def refresh(str)
-    fields = self.class.const_get :FIELDS
-    if str and not str.empty?
-      str.unpack(fields.map {|x| x[1]}.join("")).each_with_index do |val, i|
-        raise "i is nil" if i.nil?
-        instance_variable_set "@#{ fields[i][0] }".intern, val
-      end
-    end
-  end
+  class RegionBasicInfo < RegionInfo
-  def to_s
-    fields = self.class.const_get :FIELDS
-    fields.map {|f| send(f[0])}.pack(fields.map {|x| x[1]}.join(""))
-  end
+    layout :protection, Ragweed::Wraposx::Libc.find_type(:vm_prot_t),
+           :max_protection, Ragweed::Wraposx::Libc.find_type(:vm_prot_t),
+           :inheritance, Ragweed::Wraposx::Libc.find_type(:vm_inherit_t),
+           :shared, Ragweed::Wraposx::Libc.find_type(:boolean_t),
+           :reserved, Ragweed::Wraposx::Libc.find_type(:boolean_t),
+           :offset, :uint32,
+           :behavior, Ragweed::Wraposx::Libc.find_type(:vm_behavior_t),
+           :user_wired_count, :ushort
-  def self.get(t, a, flavor)
-    self.new(Ragweed::Wraposx::vm_region_raw(t, a, flavor))
-  end
-  def get(t, a)
-    refresh(Ragweed::Wraposx::vm_region_raw(t, a, self.class.const_get(:FLAVOR)))
-  end
+    def dump(&block)
+      maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
+      maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-  def inspect
-    fields = self.class.const_get(:FIELDS)
-    body = lambda do
-      fields.map do |f|
-        "#{f[0]}=#{send(f[0]).to_s}"
-      end.join(", ")
+      string =<<EOM
+      -----------------------------------------------------------------------
+      BASIC INFO:
+      base address:     #{self.base_address.to_s(16).rjust(8, "0")}
+      protection:       #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
+      max_protection:   #{self.max_protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.max_protection)}
+      inheritance:      #{self.inheritance.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.inheritance)}
+      shared:           #{self.shared.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shared)}
+      reserved:         #{self.reserved.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.reserved)}
+      offset:           #{self.offset.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.offset)}
+      behavior:         #{self.behavior.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.behavior)}
+      user_wired_count: #{self.user_wired_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_wired_count)}
+      size:             #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
+EOM
     end
-    "#<#{self.class.name.split("::").last} #{body.call}>"
   end
-  def dump(&block)
-    maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
-    maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-    string =<<EOM
-    -----------------------------------------------------------------------
-    INFO:
-    protection:       #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
-    max_protection:   #{self.max_protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.max_protection)}
-    inheritance:      #{self.inheritance.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.inheritance)}
-    shared:           #{self.shared.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shared)}
-    reserved:         #{self.reserved.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.reserved)}
-    offset:           #{self.offset.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.offset)}
-    behavior:         #{self.behavior.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.behavior)}
-    user_wired_count: #{self.user_wired_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_wired_count)}
-    size:             #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
-EOM
-  end
-end
+  class RegionBasicInfo64 < RegionInfo
-class Ragweed::Wraposx::RegionBasicInfo < Ragweed::Wraposx::RegionInfo
-  FLAVOR = Ragweed::Wraposx::Vm::REGION_BASIC_INFO
-  (FIELDS = [ [:protection, "i"],       # The current protection for the region.
-              [:max_protection, "i"],   # The maximum protection allowed for the region.
-              [:inheritance, "I"],      # The inheritance attribute for the region.
-              [:shared, "I"],           # Shared indicator. If true, the region is shared by another task. If false, the region is not shared.
-              [:reserved, "I"],         # If true the region is protected from random allocation.
-              [:offset, "L"],           # The region's offset into the memory object. The region begins at this offset.
-              [:behavior, "i"],         # Expected reference pattern for the memory.
-              [:user_wired_count, "S"],
-              [:size, "I"],              # size of memory region returned
-              [:base_address, "L"]
-              ]).each {|x| attr_accessor x[0]}
-  def dump(&block)
-    maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
-    maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-    string =<<EOM
-    -----------------------------------------------------------------------
-    BASIC INFO:
-    base address:     #{self.base_address.to_s(16).rjust(8, "0")}
-    protection:       #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
-    max_protection:   #{self.max_protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.max_protection)}
-    inheritance:      #{self.inheritance.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.inheritance)}
-    shared:           #{self.shared.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shared)}
-    reserved:         #{self.reserved.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.reserved)}
-    offset:           #{self.offset.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.offset)}
-    behavior:         #{self.behavior.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.behavior)}
-    user_wired_count: #{self.user_wired_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_wired_count)}
-    size:             #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
-EOM
-  end
+    layout :protection, Ragweed::Wraposx::Libc.find_type(:vm_prot_t),
+           :max_protection, Ragweed::Wraposx::Libc.find_type(:vm_prot_t),
+           :inheritance, Ragweed::Wraposx::Libc.find_type(:vm_inherit_t),
+           :shared, Ragweed::Wraposx::Libc.find_type(:boolean_t),
+           :reserved, Ragweed::Wraposx::Libc.find_type(:boolean_t),
+           :offset, Ragweed::Wraposx::Libc.find_type(:memory_object_offset_t),
+           :behavior, Ragweed::Wraposx::Libc.find_type(:vm_behavior_t),
+           :user_wired_count, :ushort
-  def self.get(t, a)
-    self.new(Ragweed::Wraposx::vm_region_raw(t, a, FLAVOR))
-  end
-end
+    def dump(&block)
+      maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
+      maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-class Ragweed::Wraposx::RegionExtendedInfo < Ragweed::Wraposx::RegionInfo
-  FLAVOR = Ragweed::Wraposx::Vm::REGION_EXTENDED_INFO
-  (FIELDS = [ [:protection, "i"],
-              [:user_tag, "I"],
-              [:pages_resident, "I"],
-              [:pages_shared_now_private, "I"],
-              [:pages_swapped_out, "I"],
-              [:pages_dirtied, "I"],
-              [:ref_count, "I"],
-              [:shadow_depth, "S"],
-              [:external_pager, "C"],
-              [:share_mode, "C"],
-              [:size, "I"],
-              [:base_address, "I"] ]).each {|x| attr_accessor x[0]}
-  def dump(&block)
-    maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
-    maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-    string =<<EOM
-    -----------------------------------------------------------------------
-    EXTENDED INFO:
-    base address:             #{self.base_address.to_s(16).rjust(8, "0")}
+      string =<<EOM
+      -----------------------------------------------------------------------
+      BASIC INFO:
+      base address:     #{self.base_address.to_s(16).rjust(8, "0")}
-    protection:               #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
-    user_tag:                 #{self.user_tag.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_tag)}
-    pages_resident:           #{self.pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_resident)}
-    pages_shared_now_private: #{self.pages_shared_now_private.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_shared_now_private)}
-    pages_swapped_out:        #{self.pages_swapped_out.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_swapped_out)}
-    pages_dirtied:            #{self.pages_dirtied.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_dirtied)}
-    ref_count:                #{self.ref_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.ref_count)}
-    shadow_depth:             #{self.shadow_depth.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shadow_depth)}
-    external_pager:           #{self.external_pager.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.external_pager)}
-    share_mode:               #{self.share_mode.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.share_mode)}
-    size:                     #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
+      protection:       #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
+      max_protection:   #{self.max_protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.max_protection)}
+      inheritance:      #{self.inheritance.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.inheritance)}
+      shared:           #{self.shared.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shared)}
+      reserved:         #{self.reserved.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.reserved)}
+      offset:           #{self.offset.to_s(16).rjust(16, "0")} #{maybe_hex.call(self.offset)}
+      behavior:         #{self.behavior.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.behavior)}
+      user_wired_count: #{self.user_wired_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_wired_count)}
+      size:             #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
 EOM
+    end
   end
-  def self.get(t, a)
-    self.new(Ragweed::Wraposx::vm_region_raw(t, a, FLAVOR))
-  end
-end
+  # struct vm_region_extended_info {
+  #         vm_prot_t               protection;
+  #         unsigned int            user_tag;
+  #         unsigned int            pages_resident;
+  #         unsigned int            pages_shared_now_private;
+  #         unsigned int            pages_swapped_out;
+  #         unsigned int            pages_dirtied;
+  #         unsigned int            ref_count;
+  #         unsigned short          shadow_depth;
+  #         unsigned char           external_pager;
+  #         unsigned char           share_mode;
+  # };
+  class RegionExtendedInfo < RegionInfo
+    layout :protection, Ragweed::Wraposx::Libc.find_type(:vm_prot_t),
+           :user_tag, :uint,
+           :pages_resident, :uint,
+           :pages_shared_now_private, :uint,
+           :pages_swapped_out, :uint,
+           :pages_dirtied, :uint,
+           :ref_count, :uint,
+           :shadow_depth, :ushort,
+           :external_pager, :uchar,
+           :share_mode, :uchar
-class Ragweed::Wraposx::RegionTopInfo < Ragweed::Wraposx::RegionInfo
+    def dump(&block)
+      maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
+      maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-  FLAVOR = Ragweed::Wraposx::Vm::REGION_TOP_INFO
+      string =<<EOM
+      -----------------------------------------------------------------------
+      EXTENDED INFO:
+      base address:             #{self.base_address.to_s(16).rjust(8, "0")}
+      protection:               #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
+      user_tag:                 #{self.user_tag.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_tag)}
+      pages_resident:           #{self.pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_resident)}
+      pages_shared_now_private: #{self.pages_shared_now_private.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_shared_now_private)}
+      pages_swapped_out:        #{self.pages_swapped_out.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_swapped_out)}
+      pages_dirtied:            #{self.pages_dirtied.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_dirtied)}
+      ref_count:                #{self.ref_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.ref_count)}
+      shadow_depth:             #{self.shadow_depth.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shadow_depth)}
+      external_pager:           #{self.external_pager.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.external_pager)}
+      share_mode:               #{self.share_mode.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.share_mode)}
+      size:                     #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
+EOM
+    end
+  end
-  (FIELDS = [ [:obj_id, "I"],
-              [:ref_count, "I"],
-              [:private_pages_resident, "I"],
-              [:shared_pages_resident, "I"],
-              [:share_mode, "C"],
-              [:size, "I"],
-              [:base_address,"I"]]).each {|x| attr_accessor x[0]}
+  # struct vm_region_top_info {
+  #         unsigned int            obj_id;
+  #         unsigned int            ref_count;
+  #         unsigned int            private_pages_resident;
+  #         unsigned int            shared_pages_resident;
+  #         unsigned char           share_mode;
+  # };
+  class RegionTopInfo < RegionInfo
+    layout :obj_id, :uint,
+           :ref_count, :uint,
+           :private_pages_resident, :uint,
+           :shared_pages_resident, :uint,
+           :share_mode, :uchar
-  def dump(&block)
-    maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
-    maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
+    def dump(&block)
+      maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
+      maybe_dis = lambda {|a| begin; "\n" + block.call(a, 16).distorm.map {|i| "         " + i.mnem}.join("\n"); rescue; ""; end }
-    string =<<EOM
-    -----------------------------------------------------------------------
-    TOP INFO:
-    base address:           #{self.base_address.to_s(16).rjust(8, "0")}
+      string =<<EOM
+      -----------------------------------------------------------------------
+      TOP INFO:
+      base address:           #{self.base_address.to_s(16).rjust(8, "0")}
-    obj_id:                 #{self.obj_id.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.obj_id)}
-    ref_count:              #{self.ref_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.ref_count)}
-    private_pages_resident: #{self.private_pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.private_pages_resident)}
-    shared_pages_resident:  #{self.shared_pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shared_pages_resident)}
-    share_mode:             #{self.share_mode.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.share_mode)}
-    size:                   #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
+      obj_id:                 #{self.obj_id.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.obj_id)}
+      ref_count:              #{self.ref_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.ref_count)}
+      private_pages_resident: #{self.private_pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.private_pages_resident)}
+      shared_pages_resident:  #{self.shared_pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.shared_pages_resident)}
+      share_mode:             #{self.share_mode.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.share_mode)}
+      size:                   #{self.size.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.size)}
 EOM
+    end
   end
-  def self.get(t, a)
-    self.new(Ragweed::Wraposx::vm_region_raw(t, a, FLAVOR))
-  end
+  #define VM_REGION_BASIC_INFO_COUNT ((mach_msg_type_number_t) (sizeof(vm_region_basic_info_data_t)/sizeof(int)))
+  #define VM_REGION_BASIC_INFO_COUNT_64 ((mach_msg_type_number_t) (sizeof(vm_region_basic_info_data_64_t)/sizeof(int)))
+  #define VM_REGION_EXTENDED_INFO_COUNT   ((mach_msg_type_number_t) (sizeof(vm_region_extended_info_data_t)/sizeof(int)))
+  #define VM_REGION_TOP_INFO_COUNT ((mach_msg_type_number_t) (sizeof(vm_region_top_info_data_t)/sizeof(int)))
+  FLAVORS = { REGION_BASIC_INFO => {:size => 30, :count => 8, :class => RegionBasicInfo},
+      REGION_BASIC_INFO_64 => {:size => 30, :count => 9, :class => RegionBasicInfo64},
+      REGION_EXTENDED_INFO => {:size => 32, :count => 8, :class => RegionExtendedInfo},
+      REGION_TOP_INFO => {:size => 17,:count => 5, :class => RegionTopInfo}
+  }
 end
 module Ragweed::Wraposx
+  module Libc
+    extend FFI::Library
+    ffi_lib FFI::Library::LIBC
+    # determine if a function is defined in the attached libraries
+    def self.find_function func
+      ffi_libraries.detect{|lib| lib.find_function(func)}
+    end
+    attach_function :vm_region, [:vm_map_t, :pointer, :pointer, :vm_region_flavor_t, :pointer, :pointer, :pointer], :int if find_function "vm_region"
+    attach_function :vm_region_64, [:vm_map_t, :pointer, :pointer, :vm_region_flavor_t, :pointer, :pointer, :pointer], :int if find_function "vm_region_64"
+  end
   class << self
-    # Returns a string containing the memory region information for task
-    # at address.
+    # Returns the base address, size, and a pointer to the requested information
+    # about the memory region at address in the target_task.
     #
-    # The order of the elements in the returned string will change in 0.2.0+
-    # to match the argument order.
+    # Currently, only VM_REGION_BASIC_INFO is supported by Apple.
+    # Unless this is being run in 32bits, use vm_region_64 instead.
     #
     # kern_return_t   vm_region
-    #                  (vm_task_t                    target_task,
-    #                   vm_address_t                     address,
-    #                   vm_size_t                           size,
-    #                   vm_region_flavor_t                flavor,
-    #                   vm_region_info_t                    info,
-    #                   mach_msg_type_number_t        info_count,
-    #                   memory_object_name_t         object_name);
-    def vm_region_raw(task, address, flavor)
-      info = ("\x00"*Vm::FLAVORS[flavor][:size]).to_ptr
-      count = ([Vm::FLAVORS[flavor][:count]].pack("I_")).to_ptr
-      address = ([address].pack("I_")).to_ptr
-      objn = ([0].pack("I_")).to_ptr
-      sz = ("\x00"*SIZEOFINT).to_ptr
-      r = CALLS["libc!vm_region:IPPIPPP=I"].call(task, address, sz, flavor, info, count, objn).first
+    #                  (vm_map_t                   target_task,
+    #                   vm_address_t                  *address,
+    #                   vm_size_t                        *size,
+    #                   vm_region_flavor_t              flavor,
+    #                   vm_region_info_t                  info,
+    #                   mach_msg_type_number_t     *info_count,
+    #                   mach_port_t               *object_name);
+    def vm_region(task, addr, flavor)
+      info = FFI::MemoryPointer.new(Vm::FLAVORS[flavor][:class], 1)
+      count = FFI::MemoryPointer.new(:int, 1).write_int(Vm::FLAVORS[flavor][:count])
+      address = FFI::MemoryPointer.new(:vm_address_t, 1).write_ulong(addr)
+      sz = FFI::MemoryPointer.new(:vm_size_t, 1)
+      objn = FFI::MemoryPointer.new(:mach_port_t, 1)
+      r = Libc.vm_region(task, address, sz, flavor, info, count, objn)
       raise KernelCallError.new(:vm_region, r) if r != 0
-      # this
-      return "#{info.to_s(Vm::FLAVORS[flavor][:size])}#{sz.to_s(SIZEOFINT)}#{address.to_s(SIZEOFINT)}"
-    end
+      ret = Vm::Flavors[flavor][:class].new info
+      ret.region_size = size.read_ulong
+      ret.base_address = address.read_ulong
+      ret
+    end if Libc.find_function "vm_region"
+    # Returns the base address, size, and a pointer to the requested information
+    # about the memory region at address in the target_task.
+    #
+    # Currently, only VM_REGION_BASIC_INFO is supported by Apple.
+    #
+    # kern_return_t   vm_region
+    #                  (vm_map_t                   target_task,
+    #                   vm_address_t                  *address,
+    #                   vm_size_t                        *size,
+    #                   vm_region_flavor_t              flavor,
+    #                   vm_region_info_t                  info,
+    #                   mach_msg_type_number_t     *info_count,
+    #                   mach_port_t               *object_name);
+    def vm_region_64(task, addr, flavor)
+      # OSX does this as well, so we need to do it ourselves
+      flavor = Vm::REGION_BASIC_INFO_64 if flavor == Vm::REGION_BASIC_INFO
+      info = FFI::MemoryPointer.new(:uint8, Vm::FLAVORS[flavor][:size])
+      count = FFI::MemoryPointer.new(Libc.find_type(:mach_msg_type_number_t), 1).write_uint(Vm::FLAVORS[flavor][:count])
+      address = FFI::MemoryPointer.new(Libc.find_type(:vm_address_t), 1).write_ulong(addr)
+      sz = FFI::MemoryPointer.new(Libc.find_type(:vm_size_t), 1)
+      objn = FFI::MemoryPointer.new(Libc.find_type(:mach_port_t), 1)
+      r = Libc.vm_region_64(task, address, sz, flavor, info, count, objn)
+      raise KernelCallError.new(:vm_region_64, r) if r != 0
+      ret = Vm::Flavors[flavor][:class].new info
+      ret.region_size = size.read_ulong
+      ret.base_address = address.read_ulong
+      ret
+    end if Libc.find_function "vm_region_64"
   end
 end

data/lib/ragweed/wraposx/structs.rb ADDED Viewed

@@ -0,0 +1,102 @@
+# miscelaneous structs needed for other calls/structures
+module Ragweed; end
+module Ragweed::Wraposx
+  class FpControl < FFI::Struct
+    layout :value, :ushort
+    def invalid
+      self.value >> 15
+    end
+    def denorm
+      (self.value >> 14) & 1
+    end
+    def zdiv
+      (self.value >> 13) & 1
+    end
+    def ovrfl
+      (self.value >> 12) & 1
+    end
+    def undfl
+      (self.value >> 11) & 1
+    end
+    def precis
+      (self.value >> 10) & 1
+    end
+    def res0
+      (self.value >> 8) & 3
+    end
+    def pc
+      (self.value >> 6) & 3
+    end
+    def rc
+      (self.value >> 4) & 3
+    end
+    def res1
+      (self.value >> 3) & 1
+    end
+    def res2
+      self.value & 7
+    end
+  end
+  class FpStatus < FFI::Struct
+    layout :value, :ushort
+    def invalid
+      self.value >> 15
+    end
+    def denorm
+      (self.value >> 14) & 1
+    end
+    def zdiv
+      (self.value >> 13) & 1
+    end
+    def ovrfl
+      (self.value >> 12) & 1
+    end
+    def undfl
+      (self.value >> 11) & 1
+    end
+    def precis
+      (self.value >> 10) & 1
+    end
+    def stkflt
+      (self.value >> 9) & 1
+    end
+    def errsumm
+      (self.value >> 8) & 1
+    end
+    def c0
+      (self.value >> 7) & 1
+    end
+    def c1
+      (self.value >> 6) & 1
+    end
+    def c2
+      (self.value >> 5) & 1
+    end
+    def tos
+      (self.value >> 2) & 7
+    end
+    def c2
+      (self.value >> 1) & 1
+    end
+    def busy
+      self.value & 1
+    end
+  end
+  class MmstReg < FFI::Struct
+    layout :mmst_reg, [:char, 10],
+           :mmst_rsrv, [:char, 6]
+  end
+  class XmmReg < FFI::Struct
+    layout :xmm_reg, [:char, 16]
+  end
+  class TimeValue < FFI::Struct
+    layout :seconds, :int,
+           :microseconds, :int
+  end
+end