Merge pull request #388 from xmaple555/dev

add stack buffer in vmx-root

hyperdbg/hprdbgctrl/code/debugger/script-engine/script-engine-wrapper.cpp

@@ -390,10 +390,36 @@ ScriptEngineEvalWrapper(PGUEST_REGS GuestRegs,
  //
  // Making symbol buffer
  //
- PSYMBOL_BUFFER StackBuffer = GetStackBuffer();
- int StackIndx = 0;
- int StackBaseIndx = 0;
- int StackTempBaseIndx = 0;
+
+ PSYMBOL_BUFFER StackBuffer = (PSYMBOL_BUFFER)malloc(sizeof(SYMBOL_BUFFER));
+ if (StackBuffer == NULL)
+ {
+ free(g_ScriptGlobalVariables);
+ free(g_ScriptLocalVariables);
+
+ ShowMessages("err, could not allocate memory for user-mode stack buffer");
+
+ return;
+ }
+ StackBuffer->Pointer = 0;
+ StackBuffer->Size = 0;
+ StackBuffer->Message = NULL;
+ StackBuffer->Head = (PSYMBOL)malloc(MAX_STACK_BUFFER_COUNT * sizeof(SYMBOL));
+ if (StackBuffer->Head == NULL)
+ {
+ free(g_ScriptGlobalVariables);
+ free(g_ScriptLocalVariables);
+ free(StackBuffer);
+ ShowMessages("err, could not allocate memory for user-mode stack buffer");
+
+ return;
+ }
+ RtlZeroMemory(StackBuffer->Head, MAX_STACK_BUFFER_COUNT * sizeof(SYMBOL));
+
+
+ int StackIndx = 0;
+ int StackBaseIndx = 0;
+ int StackTempBaseIndx = 0;
 
  if (CodeBuffer->Message == NULL)
  {

hyperdbg/hprdbgkd/code/debugger/core/Debugger.c

@@ -186,6 +186,30 @@ DebuggerInitialize()
  return FALSE;
  }
 
+ if (!CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer)
+ {
+ CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer = PlatformMemAllocateNonPagedPool(sizeof(SYMBOL_BUFFER));
+
+ if (CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer)
+ {
+ PSYMBOL_BUFFER StackBuffer = (PSYMBOL_BUFFER)CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer;
+ StackBuffer->Pointer = 0;
+ StackBuffer->Size = 0;
+ StackBuffer->Message = NULL;
+ StackBuffer->Head = PlatformMemAllocateNonPagedPool(MAX_STACK_BUFFER_COUNT * sizeof(SYMBOL));
+ if (!StackBuffer->Head)
+ {
+ return FALSE;
+ }
+ RtlZeroMemory(StackBuffer->Head, MAX_STACK_BUFFER_COUNT * sizeof(SYMBOL));
+ }
+ }
+
+ if (!CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer)
+ {
+ return FALSE;
+ }
+
  //
  // Zero the local and temp variables memory
  //
@@ -315,6 +339,18 @@ DebuggerUninitialize()
  PlatformMemFreePool(CurrentDebuggerState->ScriptEngineCoreSpecificTempVariable);
  CurrentDebuggerState->ScriptEngineCoreSpecificTempVariable = NULL;
  }
+
+ if (CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer != NULL)
+ {
+ PSYMBOL_BUFFER StackBuffer = (PSYMBOL_BUFFER)CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer;
+ if ((StackBuffer)->Head != NULL)
+ {
+ PlatformMemFreePool(StackBuffer->Head);
+ }
+
+ PlatformMemFreePool(CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer);
+ CurrentDebuggerState->ScriptEngineCoreSpecificStackBuffer = NULL;
+ }
  }
 
  //
@@ -1642,6 +1678,24 @@ DebuggerPerformRunScript(PROCESSOR_DEBUGGING_STATE * DbgState,
  VariablesList.LocalVariablesList = DbgState->ScriptEngineCoreSpecificLocalVariable;
  VariablesList.TempList = DbgState->ScriptEngineCoreSpecificTempVariable;
 
+ PSYMBOL_BUFFER StackBuffer = (PSYMBOL_BUFFER)DbgState->ScriptEngineCoreSpecificStackBuffer;
+ if (!StackBuffer || !StackBuffer->Head)
+ {
+ //
+ // Not allocate memroy to stack buffer
+ //
+ return FALSE;
+ }
+
+ StackBuffer->Pointer = 0;
+ StackBuffer->Size = 0;
+ StackBuffer->Message = NULL;
+ RtlZeroMemory(StackBuffer->Head, MAX_STACK_BUFFER_COUNT * sizeof(SYMBOL));
+
+ int StackIndx = 0;
+ int StackBaseIndx = 0;
+ int StackTempBaseIndx = 0;
+
  for (UINT64 i = 0; i < CodeBuffer.Pointer;)
  {
  //
@@ -1653,10 +1707,10 @@ DebuggerPerformRunScript(PROCESSOR_DEBUGGING_STATE * DbgState,
  &VariablesList,
  &CodeBuffer,
  &i,
- NULL,
- NULL,
- NULL,
- NULL,
+ StackBuffer,
+ &StackIndx,
+ &StackBaseIndx,
+ &StackTempBaseIndx,
  &ErrorSymbol) == TRUE)
  {
  CHAR NameOfOperator[MAX_FUNCTION_NAME_LENGTH] = {0};

hyperdbg/hprdbgkd/header/debugger/core/State.h

@@ -170,6 +170,7 @@ typedef struct _PROCESSOR_DEBUGGING_STATE
  UINT64 HardwareDebugRegisterForStepping;
  UINT64 * ScriptEngineCoreSpecificLocalVariable;
  UINT64 * ScriptEngineCoreSpecificTempVariable;
+ UINT64 * ScriptEngineCoreSpecificStackBuffer;
  PKDPC KdDpcObject; // DPC object to be used in kernel debugger
  CHAR KdRecvBuffer[MaxSerialPacketSize]; // Used for debugging buffers (receiving buffers from serial devices)
 

hyperdbg/include/SDK/Headers/Constants.h

@@ -625,6 +625,8 @@ const unsigned char BuildSignature[] = {
 
 #define MAX_TEMP_COUNT 128
 
+#define MAX_STACK_BUFFER_COUNT 128
+
 // TODO: Extract number of variables from input of ScriptEngine
 // and allocate variableList Dynamically.
 #define MAX_VAR_COUNT 512

hyperdbg/include/SDK/Imports/HyperDbgScriptImports.h

@@ -19,7 +19,6 @@ extern "C" {
 #endif
 
 __declspec(dllimport) PSYMBOL_BUFFER ScriptEngineParse(char * str);
-__declspec(dllimport) PSYMBOL_BUFFER GetStackBuffer();
 __declspec(dllimport) void PrintSymbolBuffer(const PSYMBOL_BUFFER SymbolBuffer);
 __declspec(dllimport) void PrintSymbol(PSYMBOL Symbol);
 __declspec(dllimport) void RemoveSymbolBuffer(PSYMBOL_BUFFER SymbolBuffer);

hyperdbg/script-engine/code/script-engine.c

@@ -3112,15 +3112,4 @@ LalrIsOperandType(PTOKEN Token)
  return TRUE;
  }
  return FALSE;
-}
-
-PSYMBOL_BUFFER
-GetStackBuffer()
-{
- PSYMBOL_BUFFER StackBuffer = NewSymbolBuffer();
- for (int i = 0; i < 128; i++)
- {
- PushSymbol(StackBuffer, NewSymbol());
- }
- return StackBuffer;
-}
+}

hyperdbg/script-engine/header/script-engine.h

@@ -100,7 +100,6 @@ PSYMBOL
 ToSymbol(PTOKEN PTOKEN, PSCRIPT_ENGINE_ERROR_TYPE Error);
 
 __declspec(dllexport) PSYMBOL_BUFFER ScriptEngineParse(char * str);
-__declspec(dllexport) PSYMBOL_BUFFER GetStackBuffer();
 
 void
 ScriptEngineBooleanExpresssionParse(