archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/sdktools/uwdump/uwdump.c

743 lines
18 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name:
  7. uwdump.c
  9. Abstract:
  11. This module implements a program which dumps the function table and
  12. unwind data for a specified executable file. It is an AMD64 specific
  13. program.
  15. Author:
  17. David N. Cutler (davec) 6-Feb-2001
  19. Environment:
  21. User mode.
  23. Revision History:
  25. None.
  27. --*/
  29. #include <nt.h>
  30. #include <ntrtl.h>
  31. #include <nturtl.h>
  32. #include <windows.h>
  33. #include <stdio.h>
  34. #include <stdlib.h>
  36. //
  37. // Define AMD64 exception handling structures and function prototypes.
  38. //
  39. // Define unwind operation codes.
  40. //
  42. typedef enum _UNWIND_OP_CODES {
  43. UWOP_PUSH_NONVOL = 0,
  44. UWOP_ALLOC_LARGE,
  45. UWOP_ALLOC_SMALL,
  46. UWOP_SET_FPREG,
  47. UWOP_SAVE_NONVOL,
  48. UWOP_SAVE_NONVOL_FAR,
  49. UWOP_SAVE_XMM,
  50. UWOP_SAVE_XMM_FAR,
  51. UWOP_SAVE_XMM128,
  52. UWOP_SAVE_XMM128_FAR,
  53. UWOP_PUSH_MACHFRAME
  54. } UNWIND_OP_CODES, *PUNWIND_OP_CODES;
  56. //
  57. // Define unwind code structure.
  58. //
  60. typedef union _UNWIND_CODE {
  61. struct {
  62. UCHAR CodeOffset;
  63. UCHAR UnwindOp : 4;
  64. UCHAR OpInfo : 4;
  65. };
  67. USHORT FrameOffset;
  68. } UNWIND_CODE, *PUNWIND_CODE;
  70. //
  71. // Define unwind information flags.
  72. //
  74. #define UNW_FLAG_NHANDLER 0x0
  75. #define UNW_FLAG_EHANDLER 0x1
  76. #define UNW_FLAG_UHANDLER 0x2
  77. #define UNW_FLAG_CHAININFO 0x4
  79. //
  80. // Define unwind information structure.
  81. //
  83. typedef struct _UNWIND_INFO {
  84. UCHAR Version : 3;
  85. UCHAR Flags : 5;
  86. UCHAR SizeOfProlog;
  87. UCHAR CountOfCodes;
  88. UCHAR FrameRegister : 4;
  89. UCHAR FrameOffset : 4;
  90. UNWIND_CODE UnwindCode[1];
  92. //
  93. // The unwind codes are followed by an optional DWORD aligned field that
  94. // contains the exception handler address or the address of chained unwind
  95. // information. If an exception handler address is specified, then it is
  96. // followed by the language specified exception handler data.
  97. //
  98. // union {
  99. // ULONG ExceptionHandler;
  100. // ULONG FunctionEntry;
  101. // };
  102. //
  103. // ULONG ExceptionData[];
  104. //
  106. } UNWIND_INFO, *PUNWIND_INFO;
  108. //
  109. // Define function table entry - a function table entry is generated for
  110. // each frame function.
  111. //
  113. typedef struct _RUNTIME_FUNCTION {
  114. ULONG BeginAddress;
  115. ULONG EndAddress;
  116. ULONG UnwindData;
  117. } RUNTIME_FUNCTION, *PRUNTIME_FUNCTION;
  119. //
  120. // Scope table structure definition.
  121. //
  123. typedef struct _SCOPE_ENTRY {
  124. ULONG BeginAddress;
  125. ULONG EndAddress;
  126. ULONG HandlerAddress;
  127. ULONG JumpTarget;
  128. } SCOPE_ENTRY;
  130. typedef struct _SCOPE_TABLE {
  131. ULONG Count;
  132. struct
  133. {
  134. ULONG BeginAddress;
  135. ULONG EndAddress;
  136. ULONG HandlerAddress;
  137. ULONG JumpTarget;
  138. } ScopeRecord[1];
  139. } SCOPE_TABLE, *PSCOPE_TABLE;
  141. //
  142. // Define register names.
  143. //
  145. PCHAR Register[] = {"rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
  146. "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
  147. "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5", "xxm6",
  148. "xmm7", "xmm8", "xmm9", "xmm10", "xmm11", "xmm12",
  149. "xmm13", "xxm14", "xmm15"};
  151. //
  152. // Define the sector size and header buffer.
  153. //
  155. #define SECTOR_SIZE 512
  156. CHAR LocalBuffer[SECTOR_SIZE * 2];
  158. //
  159. // Define input file stream.
  160. //
  162. FILE * InputFile;
  164. //
  165. // This gobal indicates whether we are processing an executable or an obj.
  166. //
  168. BOOLEAN IsObj;
  170. //
  171. // Define forward referenced prototypes.
  172. //
  174. VOID
  175. DumpPdata (
  176. IN ULONG NumberOfSections,
  177. IN PIMAGE_SECTION_HEADER SectionHeaders,
  178. IN PIMAGE_SECTION_HEADER PdataHeader
  179. );
  181. VOID
  182. DumpUData (
  183. IN ULONG NumberOfSections,
  184. IN PIMAGE_SECTION_HEADER SectionHeaders,
  185. IN ULONG Virtual
  186. );
  188. PIMAGE_SECTION_HEADER
  189. FindSectionHeader (
  190. IN ULONG NumberOfSections,
  191. IN PIMAGE_SECTION_HEADER SectionHeaders,
  192. IN PCHAR SectionName
  193. );
  195. VOID
  196. ReadData (
  197. IN ULONG Position,
  198. OUT PVOID Buffer,
  199. IN ULONG Count
  200. );
  202. USHORT
  203. ReadWord (
  204. IN ULONG Position
  205. );
  207. ULONG
  208. ReadDword (
  209. IN ULONG Position
  210. );
  212. //
  213. // Main program.
  214. //
  216. int
  217. __cdecl
  218. main(
  219. int argc,
  220. char **argv
  221. )
  223. {
  225. PIMAGE_FILE_HEADER FileHeader;
  226. PCHAR FileName;
  227. ULONG Index;
  228. PIMAGE_NT_HEADERS NtHeaders;
  229. ULONG NumberOfSections;
  230. PIMAGE_SECTION_HEADER PDataHeader;
  231. PIMAGE_SECTION_HEADER SectionHeaders;
  233. if (argc < 2) {
  234. printf("no executable file specified\n");
  236. } else {
  238. //
  239. // Open the input file.
  240. //
  242. FileName = argv[1];
  243. InputFile = fopen(FileName, "rb");
  244. if (InputFile != NULL) {
  246. //
  247. // Read the file header.
  248. //
  250. if (fread(&LocalBuffer[0],
  251. sizeof(CHAR),
  252. SECTOR_SIZE * 2,
  253. InputFile) == (SECTOR_SIZE * 2)) {
  255. //
  256. // Get the NT header address.
  257. //
  259. NtHeaders = RtlImageNtHeader(&LocalBuffer[0]);
  260. if (NtHeaders != NULL) {
  261. IsObj = FALSE;
  262. FileHeader = &NtHeaders->FileHeader;
  263. } else {
  264. IsObj = TRUE;
  265. FileHeader = (PIMAGE_FILE_HEADER)LocalBuffer;
  266. }
  268. printf("FileHeader->Machine %d\n",FileHeader->Machine);
  270. if (FileHeader->Machine == IMAGE_FILE_MACHINE_AMD64) {
  272. //
  273. // Look up the .pdata section.
  274. //
  276. NumberOfSections = FileHeader->NumberOfSections;
  278. SectionHeaders =
  279. (PIMAGE_SECTION_HEADER)((PUCHAR)(FileHeader + 1) +
  280. FileHeader->SizeOfOptionalHeader);
  282. PDataHeader = FindSectionHeader(NumberOfSections,
  283. SectionHeaders,
  284. ".pdata");
  286. if (PDataHeader != NULL) {
  287. printf("Dumping Unwind Information for file %s\n\n", FileName);
  288. DumpPdata(NumberOfSections,
  289. &SectionHeaders[0],
  290. PDataHeader);
  292. return 0;
  293. }
  295. printf("no .pdata section in image\n");
  297. } else {
  298. printf("the specified file is not an amd64 executable\n");
  299. }
  301. } else {
  302. printf("premature end of file encountered on input file\n");
  303. }
  305. fclose(InputFile);
  307. } else {
  308. printf("can't open input file %s\n", FileName);
  309. }
  310. }
  312. return 0;
  313. }
  315. VOID
  316. DumpPdata (
  317. IN ULONG NumberOfSections,
  318. IN PIMAGE_SECTION_HEADER SectionHeaders,
  319. IN PIMAGE_SECTION_HEADER PdataHeader
  320. )
  322. {
  324. RUNTIME_FUNCTION Entry;
  325. ULONG Number;
  326. ULONG Offset;
  327. ULONG SectionSize;
  329. //
  330. // Dump a .pdata function table entry and then dump the associated
  331. // unwind data.
  332. //
  334. if (IsObj == FALSE) {
  335. SectionSize = PdataHeader->Misc.VirtualSize;
  336. } else {
  337. SectionSize = PdataHeader->SizeOfRawData;
  338. }
  340. Number = 1;
  341. Offset = 0;
  342. do {
  344. //
  345. // Read and dump the next function table entry.
  346. //
  348. ReadData(PdataHeader->PointerToRawData + Offset,
  349. &Entry,
  350. sizeof(RUNTIME_FUNCTION));
  352. printf(".pdata entry %d 0x%08lX 0x%08lX\n",
  353. Number,
  354. Entry.BeginAddress,
  355. Entry.EndAddress);
  357. //
  358. // Dump the unwind data assoicated with the function table entry.
  359. //
  361. DumpUData(NumberOfSections, SectionHeaders, Entry.UnwindData);
  363. //
  364. // Increment the entry number and update the offset to the next
  365. // function table entry.
  366. //
  368. Number += 1;
  369. Offset += sizeof(RUNTIME_FUNCTION);
  370. } while (Offset < SectionSize);
  372. //
  373. // Function offset and size of raw data should be equal if there is
  374. // the correct amount of data in the .pdata section.
  375. //
  377. if (Offset != SectionSize) {
  378. printf("incorrect size of raw data in .pdata, 0x%lx\n",
  379. PdataHeader->SizeOfRawData);
  380. }
  382. return;
  383. }
  385. VOID
  386. DumpUData (
  387. IN ULONG NumberOfSections,
  388. IN PIMAGE_SECTION_HEADER SectionHeaders,
  389. IN ULONG Virtual
  390. )
  392. {
  394. ULONG Allocation;
  395. ULONG Count;
  396. ULONG Displacement;
  397. ULONG FrameOffset = 0;
  398. ULONG FrameRegister = 0;
  399. ULONG Handler;
  400. ULONG Index;
  401. ULONG Offset;
  402. SCOPE_ENTRY ScopeEntry;
  403. UNWIND_CODE UnwindCode;
  404. UNWIND_INFO UnwindInfo;
  405. PIMAGE_SECTION_HEADER XdataHeader;
  407. //
  408. // Locate the section that contains the unwind data.
  409. //
  411. printf("\n");
  412. printf(" Unwind data: 0x%08lX\n\n", Virtual);
  414. if (IsObj == FALSE) {
  415. XdataHeader = SectionHeaders;
  416. for (Index = 0; Index < NumberOfSections; Index += 1) {
  417. if ((XdataHeader->VirtualAddress <= Virtual) &&
  418. (Virtual < (XdataHeader->VirtualAddress + XdataHeader->Misc.VirtualSize))) {
  419. break;
  420. }
  422. XdataHeader += 1;
  423. }
  425. if (Index == NumberOfSections) {
  426. printf(" unwind data address outside of image\n\n");
  427. return;
  428. }
  430. Offset = Virtual -
  431. XdataHeader->VirtualAddress +
  432. XdataHeader->PointerToRawData;
  434. } else {
  436. //
  437. // This is an .obj, so there is only one Xdata header
  438. //
  440. XdataHeader = FindSectionHeader(NumberOfSections,
  441. SectionHeaders,
  442. ".xdata");
  444. Offset = Virtual + XdataHeader->PointerToRawData;
  445. }
  447. //
  448. // Read unwind information.
  449. //
  451. ReadData(Offset,
  452. &UnwindInfo,
  453. sizeof(UNWIND_INFO) - sizeof(UNWIND_CODE));
  455. //
  456. // Dump unwind version.
  457. //
  459. printf(" Unwind version: %d\n", UnwindInfo.Version);
  461. //
  462. // Dump unwind flags.
  463. //
  465. printf(" Unwind Flags: ");
  466. if ((UnwindInfo.Flags & UNW_FLAG_EHANDLER) != 0) {
  467. printf("EHANDLER ");
  468. }
  470. if ((UnwindInfo.Flags & UNW_FLAG_UHANDLER) != 0) {
  471. printf("UHANDLER ");
  472. }
  474. if ((UnwindInfo.Flags & UNW_FLAG_CHAININFO) != 0) {
  475. printf("CHAININFO");
  476. }
  478. if (UnwindInfo.Flags == 0) {
  479. printf("None");
  480. }
  482. printf("\n");
  484. //
  485. // Dump size of prologue.
  486. //
  488. printf(" Size of prologue: 0x%02lX\n", UnwindInfo.SizeOfProlog);
  490. //
  491. // Dump number of unwind codes.
  492. //
  494. printf(" Count of codes: %d\n", UnwindInfo.CountOfCodes);
  496. //
  497. // Dump frame register if specified.
  498. //
  500. if (UnwindInfo.FrameRegister != 0) {
  501. FrameOffset = UnwindInfo.FrameOffset * 16;
  502. FrameRegister = UnwindInfo.FrameRegister;
  503. printf(" Frame register: %s\n", Register[FrameRegister]);
  504. printf(" Frame offset: 0x%lx\n", FrameOffset);
  505. }
  507. //
  508. // Dump the unwind codes.
  509. //
  511. Offset += sizeof(UNWIND_INFO) - sizeof(UNWIND_CODE);
  512. if (UnwindInfo.CountOfCodes != 0) {
  513. printf(" Unwind codes:\n\n");
  514. Count = UnwindInfo.CountOfCodes;
  515. do {
  516. Count -= 1;
  517. UnwindCode.FrameOffset = ReadWord(Offset);
  518. Offset += sizeof(USHORT);
  519. printf(" Code offset: 0x%02lX, ", UnwindCode.CodeOffset);
  520. switch (UnwindCode.UnwindOp) {
  521. case UWOP_PUSH_NONVOL:
  522. printf("PUSH_NONVOL, register=%s\n", Register[UnwindCode.OpInfo]);
  523. break;
  525. case UWOP_ALLOC_LARGE:
  526. Count -= 1;
  527. Allocation = ReadWord(Offset);
  528. Offset += sizeof(USHORT);
  529. if (UnwindCode.OpInfo == 0) {
  530. Allocation *= 8;
  532. } else {
  533. Count -= 1;
  534. Allocation = (Allocation << 16) + ReadWord(Offset);
  535. Offset += sizeof(USHORT);
  536. }
  538. printf("ALLOC_LARGE, size=0x%lX\n", Allocation);
  539. break;
  541. case UWOP_ALLOC_SMALL:
  542. Allocation = (UnwindCode.OpInfo * 8) + 8;
  543. printf("ALLOC_SMALL, size=0x%lX\n", Allocation);
  544. break;
  546. case UWOP_SET_FPREG:
  547. printf("SET_FPREG, register=%s, offset=0x%02lX\n",
  548. Register[FrameRegister], FrameOffset);
  549. break;
  551. case UWOP_SAVE_NONVOL:
  552. Count -= 1;
  553. Displacement = ReadWord(Offset) * 8;
  554. Offset += sizeof(USHORT);
  555. printf("SAVE_NONVOL, register=%s offset=0x%lX\n",
  556. Register[UnwindCode.OpInfo],
  557. Displacement);
  558. break;
  560. case UWOP_SAVE_NONVOL_FAR:
  561. Count -= 2;
  562. Displacement = ReadWord(Offset) << 16;
  563. Offset += sizeof(USHORT);
  564. Displacement = Displacement + ReadWord(Offset);
  565. Offset += sizeof(USHORT);
  566. printf("SAVE_NONVOL_FAR, register=%s offset=0x%lX\n",
  567. Register[UnwindCode.OpInfo],
  568. Displacement);
  569. break;
  571. case UWOP_SAVE_XMM:
  572. Count -= 1;
  573. Displacement = ReadWord(Offset) * 8;
  574. Offset += sizeof(USHORT);
  575. printf("SAVE_XMM, register=%s offset=0x%lX\n",
  576. Register[UnwindCode.OpInfo + 16],
  577. Displacement);
  578. break;
  580. case UWOP_SAVE_XMM_FAR:
  581. Count -= 2;
  582. Displacement = ReadWord(Offset) << 16;
  583. Offset += sizeof(USHORT);
  584. Displacement = Displacement + ReadWord(Offset);
  585. Offset += sizeof(USHORT);
  586. printf("SAVE_XMM_FAR, register=%s offset=0x%lX\n",
  587. Register[UnwindCode.OpInfo + 16],
  588. Displacement);
  589. break;
  591. case UWOP_SAVE_XMM128:
  592. Count -= 1;
  593. Displacement = ReadWord(Offset) * 16;
  594. Offset += sizeof(USHORT);
  595. printf("SAVE_XMM128, register=%s offset=0x%lX\n",
  596. Register[UnwindCode.OpInfo + 16],
  597. Displacement);
  598. break;
  600. case UWOP_SAVE_XMM128_FAR:
  601. Count -= 2;
  602. Displacement = ReadWord(Offset) << 16;
  603. Offset += sizeof(USHORT);
  604. Displacement = Displacement + ReadWord(Offset);
  605. Offset += sizeof(USHORT);
  606. printf("SAVE_XMM128_FAR, register=%s offset=0x%lX\n",
  607. Register[UnwindCode.OpInfo + 16],
  608. Displacement);
  609. break;
  611. case UWOP_PUSH_MACHFRAME:
  612. if (UnwindCode.OpInfo == 0) {
  613. printf("PUSH_MACHFRAME without error code\n");
  615. } else {
  616. printf("PUSH_MACHFRAME with error code\n");
  617. }
  619. break;
  620. }
  622. } while (Count != 0);
  623. }
  625. //
  626. // Dump exception data if there is an excpetion or termination
  627. // handler.
  628. //
  630. if (((UnwindInfo.Flags & UNW_FLAG_EHANDLER) != 0) ||
  631. ((UnwindInfo.Flags & UNW_FLAG_UHANDLER) != 0)) {
  633. if ((UnwindInfo.CountOfCodes & 1) != 0) {
  634. Offset += sizeof(USHORT);
  635. }
  637. Handler = ReadDword(Offset);
  638. Offset += sizeof(ULONG);
  639. Count = ReadDword(Offset);
  640. Offset += sizeof(ULONG);
  641. printf("\n");
  642. printf(" Language specific handler: 0x%08lX\n", Handler);
  643. printf(" Count of scope table entries: %d\n\n", Count);
  644. if (Count != 0) {
  645. printf(" Begin End Handler Target\n");
  646. do {
  647. ReadData(Offset, &ScopeEntry, sizeof(SCOPE_ENTRY));
  648. printf(" 0x%08lX 0x%08lX 0x%08lX 0x%08lX\n",
  649. ScopeEntry.BeginAddress,
  650. ScopeEntry.EndAddress,
  651. ScopeEntry.HandlerAddress,
  652. ScopeEntry.JumpTarget);
  654. Count -= 1;
  655. Offset += sizeof(SCOPE_ENTRY);
  656. } while (Count != 0);
  657. }
  658. }
  660. printf("\n");
  661. return;
  662. }
  664. PIMAGE_SECTION_HEADER
  665. FindSectionHeader (
  666. IN ULONG NumberOfSections,
  667. IN PIMAGE_SECTION_HEADER SectionHeaders,
  668. IN PCHAR SectionName
  669. )
  670. {
  671. ULONG RemainingSections;
  672. PIMAGE_SECTION_HEADER SectionHeader;
  674. SectionHeader = SectionHeaders;
  675. RemainingSections = NumberOfSections;
  677. while (RemainingSections > 0) {
  679. if (strncmp(SectionHeader->Name,
  680. SectionName,
  681. IMAGE_SIZEOF_SHORT_NAME) == 0) {
  683. return SectionHeader;
  684. }
  686. RemainingSections -= 1;
  687. SectionHeader += 1;
  688. }
  690. return NULL;
  691. }
  693. VOID
  694. ReadData (
  695. IN ULONG Position,
  696. OUT PVOID Buffer,
  697. IN ULONG Count
  698. )
  700. {
  702. if (fseek(InputFile,
  703. Position,
  704. SEEK_SET) == 0) {
  706. if (fread((PCHAR)Buffer,
  707. 1,
  708. Count,
  709. InputFile) == Count) {
  711. return;
  712. }
  713. }
  715. printf("premature end of file encounterd on inpout file\n");
  716. exit(0);
  717. }
  719. USHORT
  720. ReadWord (
  721. IN ULONG Position
  722. )
  724. {
  726. USHORT Buffer;
  728. ReadData(Position, &Buffer, sizeof(USHORT));
  729. return Buffer;
  730. }
  732. ULONG
  733. ReadDword (
  734. IN ULONG Position
  735. )
  737. {
  739. ULONG Buffer;
  741. ReadData(Position, &Buffer, sizeof(ULONG));
  742. return Buffer;
  743. }