add trap test messages

hyperdbg/hprdbgkd/code/debugger/commands/BreakpointCommands.c

@@ -73,13 +73,12 @@ BreakpointCheckAndPerformActionsOnTrapFlags(UINT32 ProcessId, UINT32 ThreadId, B
  ResultToReturn = TRUE;
  goto Return;
  }
-
- //
- // As it's not set by the debugger (not found in our list), it means the program or
- // a debugger already set the trap flag, we'll inject #DB to the debugger
- //
- if (!Result && Rflags.TrapFlag)
+ else if (!Result && Rflags.TrapFlag)
  {
+ //
+ // As it's not set by the debugger (not found in our list), it means the program or
+ // a debugger already set the trap flag, we'll inject #DB to the debugger
+ //
  LogInfo("Caution: The process (pid:%x, tid:%x, name:%s) is utilizing a trap flag, "
  "which was not previously adjusted by HyperDbg. This occurrence could indicate "
  "the employment of an anti-debugging technique by the process or the involvement "
@@ -97,28 +96,31 @@ BreakpointCheckAndPerformActionsOnTrapFlags(UINT32 ProcessId, UINT32 ThreadId, B
  ResultToReturn = FALSE;
  goto Return;
  }
+ else
+ {
+ //
+ // *** being here means the thread is found in the list of threads that we set TRAP FLAG on it ***
+ //
 
- //
- // *** being here means the thread is found in the list of threads that we set TRAP FLAG on it ***
- //
-
- //
- // Uset or set the TRAP flag
- //
- VmFuncSetRflagTrapFlag(FALSE);
+ //
+ // Uset or set the TRAP flag
+ //
+ VmFuncSetRflagTrapFlag(FALSE);
 
- //
- // Remove the thread/process from the list
- // We're sure the Result is TRUE
- //
- ArrayManagementDeleteItem(&g_TrapFlagState.ThreadInformation[0],
- &g_TrapFlagState.NumberOfItems,
- Index);
+  //
+  // Remove the thread/process from the list
+  // We're sure the Result is TRUE
+  //
+  ArrayManagementDeleteItem(&g_TrapFlagState.ThreadInformation[0],
+  &g_TrapFlagState.NumberOfItems,
+  Index);
 
- //
- // Handled #DB by debugger
- //
- ResultToReturn = TRUE;
+ //
+ // Handled #DB by debugger
+ //
+ ResultToReturn = TRUE;
+ goto Return;
+ }
 
 Return:
 
@@ -177,13 +179,16 @@ BreakpointRestoreTheTrapFlagOnceTriggered(UINT32 ProcessId, UINT32 ThreadId)
  SuccessfullyStored = TRUE;
  goto Return;
  }
-
- //
- // Insert the thread into the list
- //
- SuccessfullyStored = ArrayManagementInsert(&g_TrapFlagState.ThreadInformation[0],
- &g_TrapFlagState.NumberOfItems,
- ProcThrdInfo.asUInt);
+ else
+ {
+ //
+ // Insert the thread into the list as the item is not already present
+ //
+ SuccessfullyStored = ArrayManagementInsert(&g_TrapFlagState.ThreadInformation[0],
+ &g_TrapFlagState.NumberOfItems,
+ ProcThrdInfo.asUInt);
+ goto Return;
+ }
 
 Return:
  //

hyperdbg/hprdbgkd/code/debugger/kernel-level/Kd.c

@@ -1558,6 +1558,15 @@ KdQueryRflagTrapState()
 {
  ULONG CoreCount;
 
+ //
+ // show the number of items
+ //
+ LogInfo("Number of valid entries: 0x%x\n"
+ "(Please be aware that only top 0x%x items are considered valid. "
+ "There could be other items present in the array, but they are not valid.)",
+ g_TrapFlagState.NumberOfItems,
+ g_TrapFlagState.NumberOfItems);
+
  for (size_t i = 0; i < MAXIMUM_NUMBER_OF_THREAD_INFORMATION_FOR_TRAPS; i++)
  {
  LogInfo("g_TrapFlagState.ThreadInformation[%d].ProcessId = %x | ThreadId = %x",

hyperdbg/include/SDK/Headers/Constants.h

@@ -401,7 +401,7 @@ const unsigned char BuildSignature[] = {
  * trap flag for them
  *
  */
-#define MAXIMUM_NUMBER_OF_THREAD_INFORMATION_FOR_TRAPS 100
+#define MAXIMUM_NUMBER_OF_THREAD_INFORMATION_FOR_TRAPS 200
 
 //////////////////////////////////////////////////
 // Pool tags used in HyperDbg //

hyperdbg/include/components/optimizations/code/BinarySearch.c

@@ -130,8 +130,18 @@ ArrayManagementBinarySearch(UINT64 ArrayPtr[], UINT32 NumberOfItems, UINT32 * Re
  Limit = TestPos;
  }
 
- *ResultIndex = Position;
- return (Position < NumberOfItems && ArrayPtr[Position] == Key);
+ if (Position < NumberOfItems && ArrayPtr[Position] == Key)
+ {
+ //
+ // Set the result position in the array
+ //
+ *ResultIndex = Position;
+ return TRUE;
+ }
+ else
+ {
+ return FALSE;
+ }
 }
 
 /**