[ext_windbg] !ks command: fix DML enhanced output in WindDbg Preview

Thank you @Fist0urs for reporting the issue.
xusheng6 · Sep 9, 2020 · 5146a1f · 5146a1f
1 parent c9945b0
commit 5146a1f
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 34 deletions.
diff --git a/ext_windbg/sync/sync/sync.cpp b/ext_windbg/sync/sync/sync.cpp
@@ -2149,10 +2149,10 @@ modcheck(PDEBUG_CLIENT4 Client, PCSTR Args)
 HRESULT
 KsParseLine(char *cmd, ULONG ProcType)
 {
-    HRESULT hRes;
+    HRESULT hRes = E_FAIL;
     int i;
     int nbArgs = (ProcType == IMAGE_FILE_MACHINE_AMD64) ? 4 : 3;
-    char *childebp, *retaddr, *arg, *callsite = NULL;
+    char *ctx = NULL, *childebp = NULL, *retaddr = NULL, *arg = NULL;
 
     // match hex address...
     if (!(((*cmd >= 0x30) && (*cmd <= 0x39)) || ((*cmd >= 0x61) && (*cmd <= 0x66))))
@@ -2164,10 +2164,11 @@ KsParseLine(char *cmd, ULONG ProcType)
         goto Exit;
     }
 
-    childebp = cmd;
 
-    if (FAILED(hRes = NextChunk(childebp, &retaddr)) ||
-        FAILED(hRes = NextChunk(retaddr, &arg)))
+    childebp = strtok_s(cmd, " ", &ctx);
+    retaddr = strtok_s(NULL, " ", &ctx);
+
+    if (childebp == NULL || retaddr == NULL)
         goto Exit;
 
     // output Child-SP and RetAddr (respectively with 'dc' and '!jmpto' as DML)
@@ -2188,9 +2189,9 @@ KsParseLine(char *cmd, ULONG ProcType)
     // output arguments, 4 when x64, 3 when x86 (with 'dc' as DML)
     for (i = 0; i < nbArgs; i++)
     {
-        if (FAILED(hRes = NextChunk(arg, &callsite))){
+        arg = strtok_s(NULL, " ", &ctx);
+        if (arg == NULL)
             goto Exit;
-        }
 
         hRes = g_ExtControl->ControlledOutput(
             DEBUG_OUTCTL_AMBIENT_DML,
@@ -2201,8 +2202,6 @@ KsParseLine(char *cmd, ULONG ProcType)
         if (FAILED(hRes)){
             goto Exit;
         }
-
-        arg = callsite;
     }
 
     if (ProcType == IMAGE_FILE_MACHINE_AMD64){
@@ -2214,7 +2213,7 @@ KsParseLine(char *cmd, ULONG ProcType)
         DEBUG_OUTCTL_AMBIENT_DML,
         DEBUG_OUTPUT_NORMAL,
         "<exec cmd=\"!jmpto %s\">%s</exec>\n",
-        callsite, callsite);
+        ctx, ctx);
 
 Exit:
     return hRes;

diff --git a/ext_windbg/sync/sync/tunnel.cpp b/ext_windbg/sync/sync/tunnel.cpp
@@ -1,5 +1,5 @@
 /*
-Copyright (C) 2016, Alexandre Gazet.
+Copyright (C) 2016-2020, Alexandre Gazet.
 
 Copyright (C) 2012-2015, Quarkslab.
 
@@ -158,26 +158,6 @@ ToHexString(const BYTE *pbBinary, DWORD cbBinary, LPSTR *pszString)
 }
 
 
-HRESULT
-NextChunk(char *cmd, char **nextc)
-{
-    char *tmp;
-
-    tmp = strchr(cmd, 0x20);
-    if (tmp == NULL)
-        return E_FAIL;
-
-    *tmp = 0;
-    *nextc = tmp+1;
-
-    if (**nextc == 0x3a){
-        NextChunk(*nextc, nextc);
-    }
-
-    return S_OK;
-}
-
-
 // return S_OK if socket is created and synchronized
 HRESULT TunnelIsUp()
 {

diff --git a/ext_windbg/sync/sync/tunnel.h b/ext_windbg/sync/sync/tunnel.h
@@ -1,5 +1,5 @@
 /*
-Copyright (C) 2016, Alexandre Gazet.
+Copyright (C) 2016-2020, Alexandre Gazet.
 
 Copyright (C) 2012-2015, Quarkslab.
 
@@ -41,6 +41,4 @@ HRESULT ToBase64(const BYTE *pbBinary, DWORD cbBinary, LPSTR *pszString);
 
 HRESULT FromBase64(LPCSTR pszString, BYTE **ppbBinary);
 
-HRESULT NextChunk(char *cmd, char **nextc);
-
 HRESULT WsaErrMsg(int LastError);