tduehr-ragweed 0.1.6 → 0.1.7

data/History.txt

@@ -1,3 +1,7 @@
+== 0.1.7 / 2009-08-03
+
+* bug fixes (Wraposx#RegionInfo should now fully work)
+
 == 0.1.6 / 2009-07-13
 
 * bug fixes and API work

data/Rakefile

@@ -19,11 +19,13 @@ require 'ragweed'
 task :default => 'spec:run'
 
 PROJ.name = 'ragweed'
+PROJ.ignore_file = '.gitignore'
 PROJ.authors = 'tduehr, tqbf, struct'
 PROJ.email = 'td@matasano.com'
-PROJ.url = 'github.com/tduehr/ragweed'
+PROJ.description = 'General debugging tool written in Ruby for OSX/Win32/Linux'
+PROJ.url = 'http://github.com/tduehr/ragweed/tree/master'
 PROJ.version = Ragweed::VERSION
-PROJ.rubyforge.name = 'ragweed'
+# PROJ.rubyforge.name = 'ragweed'
 
 PROJ.spec.opts << '--color'
 

data/examples/tux-example.rb

@@ -4,21 +4,20 @@
 
 require 'pp'
 require 'ragweed'
-require 'debuggertux'
-include Ragweed
 
 pid = Ragweed::Debuggertux.find_by_regex(/gcalctool/)
 
-#begin
+begin
 	t = Ragweed::Debuggertux.threads(pid)
-	puts "Which thread do you want to attach to?"
+	puts "Available pid/tdpids\n"
 	t.each do |h| puts h end
+	puts "Which thread do you want to attach to?"
 	pid = STDIN.gets.chomp.to_i
 
 	d = Ragweed::Debuggertux.new(pid)
 	d.attach
 	d.continue
 	catch(:throw) { d.loop }
-#rescue
-#	puts "Maybe your PID is wrong?"
-#end
+rescue
+	puts "Maybe your PID is wrong?"
+end

data/lib/ragweed/blocks.rb

@@ -1,4 +1,4 @@
-require 'ragweed/rasm'
+require ::File.join(::File.dirname(__FILE__),'rasm')
 
 pushv = $VERBOSE
 $VERBOSE = nil

data/lib/ragweed/debugger32.rb

@@ -1,4 +1,4 @@
-require 'ragweed/wrap32'
+require ::File.join(::File.dirname(__FILE__),'wrap32')
 
 # I am not particularly proud of this code, which I basically debugged
 # into existence, but it does work.

data/lib/ragweed/debuggerosx.rb

@@ -1,4 +1,4 @@
-require 'ragweed/wraposx'
+require ::File.join(::File.dirname(__FILE__),'wraposx')
 
 module Ragweed; end
 
@@ -397,10 +397,10 @@ class Ragweed::Debuggerosx
     # Extended and Top info flavors are included in case Apple re implements them
     when :extended
       warn "VM Region Extended Info not implemented by Apple. Returning RegionBasicInfo"
-      return Ragweed::Wraposx::RegionBasicInfo.get(@task, addr)
+      return Ragweed::Wraposx::RegionExtendedInfo.get(@task, addr)
     when :top
       warn "VM Region Top Info not implemented be Apple. Returning RegionBasicInfo"
-      return Ragweed::Wraposx::RegionBasicInfo.get(@task, addr)
+      return Ragweed::Wraposx::RegionTopInfo.get(@task, addr)
     else
       warn "Unknown flavor requested. Returning RegionBasicInfo."
       return Ragweed::Wraposx::RegionBasicInfo.get(@task, addr)

data/lib/ragweed/debuggertux.rb

@@ -1,5 +1,4 @@
-require 'ragweed/wraptux'
-
+require ::File.join(::File.dirname(__FILE__),'wraptux')
 ## Modeled after wraposx written by tduehr
 
 module Ragweed; end

data/lib/ragweed/rasm/isa.rb

@@ -3,12 +3,13 @@
 # Rasm: a half-assed X86 assembler.
 #
 # Rasm implements a small subset of the X86 instruction set, and only in
-# simple encodings. 
+# simple encodings.
 #
 # However, Rasm implements enough X86 to do interesting things. I wrote it
 # to inject trampoline functions and detours into remote processes. This
-# is Ruby code; you'd never use it where performance matters. It's not 
+# is Ruby code; you'd never use it where performance matters. It's not
 # enough to write a decent compiler, but it's enough to fuck up programs.
+module Ragweed; end
 module Ragweed::Rasm
   class NotImp < RuntimeError; end
   class Insuff < RuntimeError; end
@@ -39,6 +40,8 @@ module Ragweed::Rasm
       (rc1 << 8|rc2)
     end
 
+    def scaled?; @scale and @scale > 0; end
+    def combined?; @combined; end
     def reg1
       if combined?
         self.class.new((code>>8)&0xff)
@@ -68,7 +71,7 @@ module Ragweed::Rasm
       elsif x.kind_of? Register
         ret = clone
         ret.combined = true
-        ret.indir = 1 
+        ret.indir = 1
         ret.scale = x.scale
         ret.code = self.class.comb(ret.code, x.code)
         return ret
@@ -101,19 +104,16 @@ module Ragweed::Rasm
       end
 
       return self
-    end  
-
-    def scaled?; @scale and @scale > 0; end
-    def combined?; @combined; end
+    end
 
-    def self.eax(opts={}); Eax.clone.regopts opts; end      
-    def self.ecx(opts={}); Ecx.clone.regopts opts; end      
-    def self.edx(opts={}); Edx.clone.regopts opts; end      
-    def self.ebx(opts={}); Ebx.clone.regopts opts; end      
-    def self.esp(opts={}); Esp.clone.regopts opts; end      
-    def self.ebp(opts={}); Ebp.clone.regopts opts; end      
-    def self.esi(opts={}); Esi.clone.regopts opts; end      
-    def self.edi(opts={}); Edi.clone.regopts opts; end      
+    def self.eax(opts={}); Eax.clone.regopts opts; end
+    def self.ecx(opts={}); Ecx.clone.regopts opts; end
+    def self.edx(opts={}); Edx.clone.regopts opts; end
+    def self.ebx(opts={}); Ebx.clone.regopts opts; end
+    def self.esp(opts={}); Esp.clone.regopts opts; end
+    def self.ebp(opts={}); Ebp.clone.regopts opts; end
+    def self.esi(opts={}); Esi.clone.regopts opts; end
+    def self.edi(opts={}); Edi.clone.regopts opts; end
 
     def initialize(code, opts={})
       @combined = false
@@ -132,7 +132,7 @@ module Ragweed::Rasm
       @disp = disp
       @indir = true
     end
-  end  
+  end
 
   ## ------------------------------------------------------------------------
 
@@ -146,7 +146,7 @@ module Ragweed::Rasm
   Esp = Register.new(Register::ESP)
   Ebp = Register.new(Register::EBP)
   Esi = Register.new(Register::ESI)
-  Edi = Register.new(Register::EDI)  
+  Edi = Register.new(Register::EDI)
   def eax(opts={}); Register.eax opts; end
   def ecx(opts={}); Register.ecx opts; end
   def edx(opts={}); Register.edx opts; end
@@ -167,14 +167,14 @@ module Ragweed::Rasm
   ## ------------------------------------------------------------------------
 
   # A code fragment. Push instructions into it. You can push Label
-  # objects to create jump targets. 
+  # objects to create jump targets.
   class Subprogram < Array
 
     # Patch code offsets into the instructions to replace abstract
     # labels. Produces raw instruction stream.
     def assemble
       patches = {}
-      buf = Ragweed::Sbuf.new
+      buf = Sbuf.new
 
       each do |i|
         if i.kind_of? Instruction
@@ -183,11 +183,11 @@ module Ragweed::Rasm
         else
           patches[i] = buf.size
         end
-      end     
-      
+      end
+
       select {|i| i.kind_of? Instruction}.each {|i| i.patch(patches)}
       buf.clear!
-      select {|i| i.kind_of? Instruction}.each {|i| 
+      select {|i| i.kind_of? Instruction}.each {|i|
         buf.straw(i.to_s)
       }
 
@@ -197,12 +197,12 @@ module Ragweed::Rasm
     # Produce an array of insns. This is pretty much broken, because
     # it doesn't pre-patch the instructions.
     def disassemble
-      select {|i| i.kind_of? Rasm::Intruction}.map {|i| i.decode}
+      select {|i| i.kind_of? Rasm::Instruction}.map {|i| i.decode}
     end
 
     def dump_disassembly
-      disassemble.each do |insn|
-        puts "#{ insn.off.to_x } #{ insn.mnem }" 
+      disassemble.each_with_index do |insn, i|
+        puts "#{ i } #{ insn.mnem }"
       end
     end
   end
@@ -256,21 +256,21 @@ module Ragweed::Rasm
         v = Immed.new(v) if v.number?
       end
       v
-    end      
+    end
 
     def src=(v); @src = coerce(v); end
     def dst=(v); @dst = coerce(v); end
 
-    # Never called directly (see subclasses below)    
+    # Never called directly (see subclasses below)
     def initialize(x=nil, y=nil)
-      @buf = Ragweed::Sbuf.new
+      @buf = Sbuf.new
       self.src = y
       self.dst = x
       @loc = nil
     end
 
     # Disassemble the instruction (mostly for testing)
-    def decode; Frasm::DistormDecoder.new.decode(self.to_s)[0]; end
+    # def decode; Frasm::DistormDecoder.new.decode(self.to_s)[0]; end
 
     # What Subprogram#assemble uses to patch instruction locations.
     # Not user-servicable
@@ -287,7 +287,7 @@ module Ragweed::Rasm
         end
       end
     end
-    
+
     # Calculate ModR/M bits for the instruction; this is
     # the source/destination operand encoding.
     def modrm(op1, op2)
@@ -320,7 +320,7 @@ module Ragweed::Rasm
         return 0xc0 + (op2.code << 3) + op1.code
       end
     end
-    
+
     def sib(indir, alt, base)
       modpart = (base+4) + (alt.code << 3)
 
@@ -340,7 +340,7 @@ module Ragweed::Rasm
       end
 
       col = indir.reg1.code
-      
+
       if indir.combined?
         row = indir.reg2.code
       else
@@ -350,7 +350,7 @@ module Ragweed::Rasm
       pp [col,row,sbase]
 
       sibpart = sbase + (row << 3) + (col)
-      
+
       return (modpart.chr) + (sibpart.chr)
     end
 
@@ -382,7 +382,7 @@ module Ragweed::Rasm
   end
 
   ## ------------------------------------------------------------------------
-  
+
   # Jump to a relative offset (pos or neg), a register, or an address
   # in memory. Can take Labels instead of values, let patch figure out
   # the rest.
@@ -393,7 +393,7 @@ module Ragweed::Rasm
     # no far yet
 
     def initialize(x=nil); super x; end
-    
+
     def to_s
       raise Insuff if not @dst
       if dst_imm? or dst_lab?
@@ -441,7 +441,7 @@ module Ragweed::Rasm
 
   # Push a register, register-addressed memory location, or immediate
   # onto the stack.
-  class Push < Instruction 
+  class Push < Instruction
     # ff r/m
     # 50+ r
     # 6a imm8
@@ -456,7 +456,7 @@ module Ragweed::Rasm
         if @dst.indir
           add(0xff)
           add(modrm(@dst, Esi.clone))
-          add(@dst.disp) 
+          add(@dst.disp)
         else
           add(0x50 + @dst.code)
         end
@@ -485,7 +485,7 @@ module Ragweed::Rasm
 
     def to_s
       raise Insuff if not @dst
-      
+
       if dst_reg?
         add(0xff)
         add(modrm(@dst, Edx.clone))
@@ -501,7 +501,7 @@ module Ragweed::Rasm
 
   # Return; provide immediate for stack adjustment if you want.
   class Ret < Instruction
-    # c3 
+    # c3
     # c2 imm16
 
     def initialize( dst=nil); super dst; end
@@ -543,7 +543,7 @@ module Ragweed::Rasm
           if @src.val < 0x100
             add(@imp8)
             add(@src.val)
-          else 
+          else
             add(@imp)
             add(@src.val)
           end
@@ -587,9 +587,10 @@ module Ragweed::Rasm
       @x = Eax.clone
     end
   end
+  Addl = Add
 
   ## ------------------------------------------------------------------------
-  
+
   # SUB
   class Sub < Arith
     def initialize(*args)
@@ -670,7 +671,7 @@ module Ragweed::Rasm
 
   # CMP is SUB + condition code
   class Cmp < Instruction
-    # 3c imm8 
+    # 3c imm8
     # 3d imm
     # 80/7 r/m8, imm8
     # 81/7 r/m, imm
@@ -725,16 +726,16 @@ module Ragweed::Rasm
 
   # Wrapper for INC and DEC, not called directly.
   class IncDec < Instruction
-    # fe/0 r/m8
-    # ff/0 r/m
-    # 40+ (reg)
-            
+      # fe/0 r/m8
+      # ff/0 r/m
+      # 40+ (reg)
+
     def initialize( dst=nil); super dst; end
 
     def to_s
       raise Insuff if not @dst
       raise(BadArg, "need a register") if not dst_reg?
-  
+
       if @dst.indir
         add(0xff)
         add(modrm(@dst, @var))
@@ -748,7 +749,7 @@ module Ragweed::Rasm
   ## ------------------------------------------------------------------------
 
   # INC memory or register
-  class Inc < IncDec 
+  class Inc < IncDec
     def initialize(*args)
       super *args
       @var = Eax.clone
@@ -759,7 +760,7 @@ module Ragweed::Rasm
   ## ------------------------------------------------------------------------
 
   # DEC memory or register
-  class Dec < IncDec 
+  class Dec < IncDec
     def initialize(*args)
       super *args
       @var = Ecx.clone
@@ -916,7 +917,7 @@ module Ragweed::Rasm
   # Wrapper for conditional jumps, see below
   class Jcc < Instruction
 
-    def m; [nil,nil]; end 
+    def m; [nil,nil]; end
     def initialize( dst)
       super dst
       @short, @near = m()
@@ -1012,9 +1013,33 @@ module Ragweed::Rasm
   class Js < Jcc;  def m; [0x78,  0x88]; end; end
   # Zero
   class Jz < Jcc;  def m; [0x74,  0x84]; end; end
-  
+
+  ## ------------------------------------------------------------------------
+
+  class Pushf < Instruction
+      # 9c pushfd
+
+      def initialize; end
+      def to_s
+          raise(TooMan, "too many arguments") if @src or @dst
+          add(0x9c)
+      end
+  end
+
   ## ------------------------------------------------------------------------
-  
+
+  class Popf < Instruction
+      # 9d popfd
+
+      def initialize; end
+      def to_s
+          raise(TooMan, "too many arguments") if @src or @dst
+          add(0x9d)
+      end
+  end
+
+  ## ------------------------------------------------------------------------
+
   # INT 3, mostly, but will do INT X
   class Int < Instruction
     ## cc int 3

data/lib/ragweed/rasm.rb

@@ -5,7 +5,7 @@ module Ragweed; end
 module Ragweed::Rasm
 
   # :stopdoc:
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:

data/lib/ragweed/utils.rb

@@ -21,6 +21,19 @@ class Object
       def mymethods
         (self.methods - self.class.superclass.methods).sort
       end
+      # self-evident
+      def callable?; respond_to? :call; end
+      def number?; kind_of? Numeric; end
+
+      # while X remains callable, keep calling it to get its value
+      def derive
+        # also, don't drink and derive
+        x = self
+        while x.callable?
+          x = x()
+        end
+        return x
+      end
     end
     include ObjectExtensions
 end
@@ -41,6 +54,19 @@ class String
       return self if count == 0
       slice! 0..(count-1)
   end
+
+  # Convert a string into hex characters
+  def hexify
+      l = []
+      each_byte{|b| l << "%02x" % b}
+      l.join
+  end
+
+  # Convert a string of raw hex characters (no %'s or anything) into binary
+  def dehexify
+      (ret||="") << (me||=clone).shift(2).to_i(16).chr while not (me||=clone).empty?
+      return ret
+  end
 end
 
 class Integer

data/lib/ragweed/wrap32.rb

@@ -5,7 +5,7 @@ module Ragweed; end
 module Ragweed::Wrap32
 
   # :stopdoc:
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:

data/lib/ragweed/wraposx/constants.rb

@@ -23,7 +23,9 @@ module Ragweed::Wraposx::Ptrace
 end
 
 module Ragweed::Wraposx::Signal
-  #the Ruby module Signal also has this information
+  # the Ruby module Signal also has this information.
+  # in reality, that is a better source since it's based on the signals
+  # available at the time ruby was compiled.
   SIGHUP = 1 # hangup
   SIGINT = 2 # interrupt
   SIGQUIT = 3 # quit
@@ -77,13 +79,32 @@ end
 
 module Ragweed::Wraposx::Vm; end
 module Ragweed::Wraposx::Vm::Prot
-  #vm_protect permission flags for memory spaces
+  # vm_protect permission flags for memory spaces
   READ = 0x1 #read permission
   WRITE = 0x2 #write permission
   EXECUTE = 0x4 #execute permission
   NONE = 0x0 #no rights
   ALL = 0x7 #all permissions
 end
+module Ragweed::Wraposx::Vm::Sm
+  # share mode constants
+  COW = 1
+  PRIVATE = 2
+  EMPTY = 3
+  SHARED = 4
+  TRUESHARED = 5
+  PRIVATE_ALIASED = 6
+  SHARED_ALIASED = 7
+end
+
+# this should be moved to an include for all wrappers
+module Ragweed::Wraposx::SizeOf
+  INT = [1].pack("I_").size
+  SHORT = [1].pack("S_").size
+  LONG = [1].pack("L_").size
+  DOUBLE = [1].pack("D").size
+  FLOAT = [1].pack("F").size
+end
 
 module Ragweed::Wraposx::Dl
   RTLD_LAZY = 0x1

data/lib/ragweed/wraposx/region_info.rb

@@ -26,9 +26,9 @@ module Ragweed::Wraposx::Vm
   #define VM_REGION_BASIC_INFO_COUNT ((mach_msg_type_number_t) (sizeof(vm_region_basic_info_data_t)/sizeof(int)))
   #define VM_REGION_EXTENDED_INFO_COUNT   ((mach_msg_type_number_t) (sizeof(vm_region_extended_info_data_t)/sizeof(int)))
   #define VM_REGION_TOP_INFO_COUNT ((mach_msg_type_number_t) (sizeof(vm_region_top_info_data_t)/sizeof(int)))
-  FLAVORS = { REGION_BASIC_INFO => {:size => 30, :count => 9},
-      REGION_EXTENDED_INFO => {:size => 32, :count => 9},
-      REGION_TOP_INFO => {:size => 17,:count => 9}
+  FLAVORS = { REGION_BASIC_INFO => {:size => 30, :count => 8},
+      REGION_EXTENDED_INFO => {:size => 32, :count => 8},
+      REGION_TOP_INFO => {:size => 17,:count => 5}
   }
 
   module Pflags
@@ -39,8 +39,8 @@ module Ragweed::Wraposx::Vm
 end
 
 # Memory region info base class.
-# Currently Apple only supports the basic flavor. The other two flavors
-# are included for completeness.
+#
+# to change slightly in 0.2.0+
 #
 class Ragweed::Wraposx::RegionInfo
   def initialize(str=nil)
@@ -113,7 +113,8 @@ class Ragweed::Wraposx::RegionBasicInfo < Ragweed::Wraposx::RegionInfo
               [:offset, "L"],           # The region's offset into the memory object. The region begins at this offset. 
               [:behavior, "i"],         # Expected reference pattern for the memory.
               [:user_wired_count, "S"],
-              [:size, "I"]              # size of memory region returned
+              [:size, "I"],              # size of memory region returned
+              [:base_address, "L"]
               ]).each {|x| attr_accessor x[0]}
 
   def dump(&block)
@@ -122,7 +123,9 @@ class Ragweed::Wraposx::RegionBasicInfo < Ragweed::Wraposx::RegionInfo
 
     string =<<EOM
     -----------------------------------------------------------------------
-    INFO:
+    BASIC INFO:
+    base address:     #{self.base_address.to_s(16).rjust(8, "0")}
+    
     protection:       #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
     max_protection:   #{self.max_protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.max_protection)}
     inheritance:      #{self.inheritance.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.inheritance)}
@@ -153,7 +156,8 @@ class Ragweed::Wraposx::RegionExtendedInfo < Ragweed::Wraposx::RegionInfo
               [:shadow_depth, "S"],
               [:external_pager, "C"],
               [:share_mode, "C"],
-              [:size, "I"] ]).each {|x| attr_accessor x[0]}
+              [:size, "I"],
+              [:base_address, "I"] ]).each {|x| attr_accessor x[0]}
 
   def dump(&block)
     maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }      
@@ -161,7 +165,9 @@ class Ragweed::Wraposx::RegionExtendedInfo < Ragweed::Wraposx::RegionInfo
 
     string =<<EOM
     -----------------------------------------------------------------------
-    INFO:
+    EXTENDED INFO:
+    base address:             #{self.base_address.to_s(16).rjust(8, "0")}
+    
     protection:               #{self.protection.to_s(2).rjust(8, "0")} #{Ragweed::Wraposx::Vm::Pflags.flag_dump(self.protection)}
     user_tag:                 #{self.user_tag.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.user_tag)}
     pages_resident:           #{self.pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.pages_resident)}
@@ -190,7 +196,8 @@ class Ragweed::Wraposx::RegionTopInfo < Ragweed::Wraposx::RegionInfo
               [:private_pages_resident, "I"],
               [:shared_pages_resident, "I"],
               [:share_mode, "C"],
-              [:size, "I"]]).each {|x| attr_accessor x[0]}
+              [:size, "I"],
+              [:base_address,"I"]]).each {|x| attr_accessor x[0]}
 
   def dump(&block)
     maybe_hex = lambda {|a| begin; "\n" + (" " * 9) + block.call(a, 16).hexdump(true)[10..-2]; rescue; ""; end }
@@ -198,7 +205,9 @@ class Ragweed::Wraposx::RegionTopInfo < Ragweed::Wraposx::RegionInfo
 
     string =<<EOM
     -----------------------------------------------------------------------
-    INFO:
+    TOP INFO:
+    base address:           #{self.base_address.to_s(16).rjust(8, "0")}
+    
     obj_id:                 #{self.obj_id.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.obj_id)}
     ref_count:              #{self.ref_count.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.ref_count)}
     private_pages_resident: #{self.private_pages_resident.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.private_pages_resident)}
@@ -218,8 +227,9 @@ module Ragweed::Wraposx
 
     # Returns a string containing the memory region information for task
     # at address.
-    # Currently Apple only supports the basic flavor. The other two flavors
-    # are included for completeness.
+    #
+    # The order of the elements in the returned string will change in 0.2.0+
+    # to match the argument order.
     #
     # kern_return_t   vm_region
     #                  (vm_task_t                    target_task,
@@ -230,14 +240,15 @@ module Ragweed::Wraposx
     #                   mach_msg_type_number_t        info_count,
     #                   memory_object_name_t         object_name);
     def vm_region_raw(task, address, flavor)
-      info = ("\x00"*64).to_ptr
+      info = ("\x00"*Vm::FLAVORS[flavor][:size]).to_ptr
       count = ([Vm::FLAVORS[flavor][:count]].pack("I_")).to_ptr
       address = ([address].pack("I_")).to_ptr
       objn = ([0].pack("I_")).to_ptr
       sz = ("\x00"*SIZEOFINT).to_ptr
-      r = CALLS["libc!vm_region:IPPIPPP=I"].call(task, address, sz, Vm::FLAVORS[flavor][:count], info, count, objn).first
+      r = CALLS["libc!vm_region:IPPIPPP=I"].call(task, address, sz, flavor, info, count, objn).first
       raise KernelCallError.new(:vm_region, r) if r != 0
-      return "#{info.to_s(Vm::FLAVORS[flavor][:size])}#{sz.to_s(SIZEOFINT)}"
+      # this 
+      return "#{info.to_s(Vm::FLAVORS[flavor][:size])}#{sz.to_s(SIZEOFINT)}#{address.to_s(SIZEOFINT)}"
     end
   end
 end

data/lib/ragweed/wraposx/thread_info.rb

@@ -209,17 +209,19 @@ module Ragweed::Wraposx
   class << self
 
     # Returns the packed string representation of the thread_info_t struct for later parsing.
+    #
     # kern_return_t   thread_info
     #                (thread_act_t                     target_thread,
     #                 thread_flavor_t                         flavor,
     #                 thread_info_t                      thread_info,
     #                 mach_msg_type_number_t       thread_info_count);
     def thread_info_raw(thread, flavor)
-      info = ("\x00"*1024).to_ptr
+      raise KErrno::INVALID_ARGUMENT if ThreadInfo::FLAVORS[flavor].nil?
+      info = ("\x00"*ThreadInfo::FLAVORS[flavor][:size]).to_ptr
       count = ([Ragweed::Wraposx::ThreadInfo::FLAVORS[flavor][:count]].pack("I_")).to_ptr
       r = CALLS["libc!thread_info:IIPP=I"].call(thread,flavor,info,Ragweed::Wraposx::ThreadInfo::FLAVORS[flavor][:count]).first
       raise KernelCallError.new(r) if r != 0
-      return info.to_s(Ragweed::Wraposx::ThreadInfo::FLAVORS[flavor][:size])
+      return "#{info.to_s(ThreadInfo::FLAVORS[flavor][:size])}#{count.to_s(SizeOf::INT)}"
     end
   end
 end

data/lib/ragweed/wraposx.rb

@@ -5,7 +5,7 @@ module Ragweed; end
 module Ragweed::Wraposx
 
   # :stopdoc:
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:
@@ -42,7 +42,7 @@ module Ragweed::Wraposx
     search_me = ::File.expand_path(
         ::File.join(::File.dirname(fname), dir, '**', '*.rb'))
     
-    Dir.glob(search_me).sort.each {|rb| require rb}
+    Dir.glob(search_me).reject{|rb| rb =~ /#{__FILE__}/}.sort.each {|rb| require rb}
     # require File.dirname(File.basename(__FILE__)) + "/#{x}"
 
   end

data/lib/ragweed/wraptux.rb

@@ -5,7 +5,7 @@ module Ragweed; end
 module Ragweed::Wraptux
 
   # :stopdoc:
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:

data/lib/ragweed.rb

@@ -2,7 +2,7 @@
 module Ragweed
 
   # :stopdoc:
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
   LIBPATH = ::File.expand_path(::File.dirname(__FILE__)) + ::File::SEPARATOR
   PATH = ::File.dirname(LIBPATH) + ::File::SEPARATOR
   # :startdoc:
@@ -40,7 +40,7 @@ module Ragweed
         ::File.join(::File.dirname(fname), dir, '**', '*.rb'))
 
     # Don't want to load wrapper or debugger here.
-    Dir.glob(search_me).sort.reject{|rb| rb =~ /(wrap|debugger|rasm[^.])/}.each {|rb| require rb}
+    Dir.glob(search_me).sort.reject{|rb| rb =~ /(wrap|debugger|rasm[^\.])/}.each {|rb| require rb}
     # require File.dirname(File.basename(__FILE__)) + "/#{x}"d
   end
 
@@ -62,8 +62,8 @@ module Ragweed
     end
     
     if not pkgs.empty?
-      search_me = File.expand_path(File.join(File.dirname(fname), dir,"**", "*#{pkgs}.rb"))
-      Dir.glob(search_me).sort.each {|rb| require rb}
+      search_me = File.expand_path(File.join(File.dirname(fname), dir, "*#{pkgs}.rb"))
+      Dir.glob(search_me).sort.reverse.each {|rb| require rb}
     end
   end
 end  # module Ragweed

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: tduehr-ragweed
 version: !ruby/object:Gem::Version 
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors: 
 - tduehr, tqbf, struct
@@ -52,7 +52,6 @@ files:
 - lib/ragweed/ptr.rb
 - lib/ragweed/rasm.rb
 - lib/ragweed/rasm/isa.rb
-- lib/ragweed/rasm/util.rb
 - lib/ragweed/sbuf.rb
 - lib/ragweed/trampoline.rb
 - lib/ragweed/utils.rb

data/lib/ragweed/rasm/util.rb

@@ -1,26 +0,0 @@
-# Cheating; monkeypatching Object is evil.
-class Object
-  # self-evident
-  def callable?; respond_to? :call; end
-  def number?; kind_of? Numeric; end
-
-  # while X remains callable, keep calling it to get its value
-  def derive
-    x = self
-    while x.callable?
-      x = x()
-    end
-    return x
-  end
-end
-
-# class String
-#   # this is just horrible
-#   def distorm
-#     Frasm::DistormDecoder.new.decode(self)
-#   end
-# 
-#   def disasm
-#     distorm.each {|i| puts i.mnem}
-#   end
-# end