Rooba
/
ImHex
mirror of https://github.com/WerWolv/ImHex.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ImHex/plugins/builtin/include/content/providers/process_memory_provider.hpp

117 lines
4.1 KiB
C++
Raw Normal View History

feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
#pragma once
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
#if defined(OS_WINDOWS) || defined (OS_LINUX)
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
#include <hex/providers/provider.hpp>
refactor: Rename and update localization system
2023-11-21 13:38:01 +00:00
#include <hex/api/localization_manager.hpp>
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
feat: Display process icons in process memory provider
2023-01-03 15:34:22 +00:00
#include <hex/ui/imgui_imhex_extensions.h>
feat: Added filtering to Process Memory Provider
2023-01-05 08:30:15 +00:00
#include <hex/ui/widgets.hpp>
fix: Process Memory provider search not being case insensitive
2023-01-28 10:41:09 +00:00
#include <hex/helpers/utils.hpp>
feat: Display process icons in process memory provider
2023-01-03 15:34:22 +00:00
impr: Optimize includes in often used header files
2023-11-18 13:34:33 +00:00
#include <set>
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
#include <thread>
#include <nlohmann/json.hpp>
#if defined(OS_WINDOWS)
#include <windows.h>
#elif defined(OS_LINUX)
#include <sys/types.h>
#endif
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
namespace hex::plugin::builtin {
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
class ProcessMemoryProvider : public hex::prv::Provider {
public:
ProcessMemoryProvider() = default;
~ProcessMemoryProvider() override = default;
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
[[nodiscard]] bool isAvailable() const override {
#ifdef _WIN32
return this->m_processHandle != nullptr;
#elif __linux__
return this->m_processId != -1;
#endif
}
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
[[nodiscard]] bool isReadable() const override { return true; }
[[nodiscard]] bool isWritable() const override { return true; }
[[nodiscard]] bool isResizable() const override { return false; }
[[nodiscard]] bool isSavable() const override { return false; }
impr: Separate the behaviour of being savable and being dumpable for provider (#1183) ### Problem description Currently, the providers use the method `isSavable()` to determine both if they can use "Save" or "Save as". This behaviour is problematic because some providers may need to be saveable but not saveable as: for example the view provider. The original provider may not allow to be saved. ### Implementation description I separate these two behaviour by creating another function: `isDumpable()`, that return true by default but can be overridden by the provider to return false, if the provider should not be dumped in any way. ### Additional things While I was at it, I also marked "export" operations as needing the "dumpable" flag. That way, we can't accidentally export the whole address space of a process as base64. I also added documentation for these some functions in Provider
2023-07-05 18:49:57 +00:00
[[nodiscard]] bool isDumpable() const override { return false; }
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
void readRaw(u64 address, void *buffer, size_t size) override;
void writeRaw(u64 address, const void *buffer, size_t size) override;
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
[[nodiscard]] u64 getActualSize() const override { return 0xFFFF'FFFF'FFFF; }
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
void save() override {}
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
[[nodiscard]] std::string getName() const override { return hex::format("hex.builtin.provider.process_memory.name"_lang, this->m_selectedProcess != nullptr ? this->m_selectedProcess->name : ""); }
impr: Improved types used in provider functions
2023-06-04 08:42:11 +00:00
[[nodiscard]] std::vector<Description> getDataDescription() const override {
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
return {
{ "hex.builtin.provider.process_memory.process_name"_lang, this->m_selectedProcess->name },
{ "hex.builtin.provider.process_memory.process_id"_lang, std::to_string(this->m_selectedProcess->id) }
};
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
}
[[nodiscard]] bool open() override;
void close() override;
[[nodiscard]] bool hasLoadInterface() const override { return true; }
[[nodiscard]] bool hasInterface() const override { return true; }
fix: Crash when not making a valid selection in provider load interfaces
2023-03-16 15:48:15 +00:00
bool drawLoadInterface() override;
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
void drawInterface() override;
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
void loadSettings(const nlohmann::json &) override {}
[[nodiscard]] nlohmann::json storeSettings(nlohmann::json) const override { return { }; }
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
[[nodiscard]] std::string getTypeName() const override {
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
return "hex.builtin.provider.process_memory";
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
}
[[nodiscard]] std::pair<Region, bool> getRegionValidity(u64) const override;
feat: Added ability to query provider information from pattern language
2023-01-24 08:07:11 +00:00
std::variant<std::string, i128> queryInformation(const std::string &category, const std::string &argument) override;
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
feat: Added DLL injection option, fixed memory region addresses
2023-01-04 09:02:17 +00:00
private:
void reloadProcessModules();
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
private:
struct Process {
u32 id;
std::string name;
refactor: Move custom ImGui functions to ImGuiExt namespace (#1427) Co-authored-by: Nik <werwolv98@gmail.com>
2023-11-16 21:24:06 +00:00
ImGuiExt::Texture icon;
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
};
feat: Further improve process memory provider
2023-01-01 11:26:27 +00:00
struct MemoryRegion {
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
Region region;
std::string name;
feat: Further improve process memory provider
2023-01-01 11:26:27 +00:00
constexpr bool operator<(const MemoryRegion &other) const {
return this->region.getStartAddress() < other.region.getStartAddress();
}
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
};
std::vector<Process> m_processes;
feat: Added filtering to Process Memory Provider
2023-01-05 08:30:15 +00:00
const Process *m_selectedProcess = nullptr;
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
feat: Further improve process memory provider
2023-01-01 11:26:27 +00:00
std::set<MemoryRegion> m_memoryRegions;
feat: Added filtering to Process Memory Provider
2023-01-05 08:30:15 +00:00
ui::SearchableWidget<Process> m_processSearchWidget = ui::SearchableWidget<Process>([](const std::string &search, const Process &process) {
fix: Process Memory provider search not being case insensitive
2023-01-28 10:41:09 +00:00
return hex::containsIgnoreCase(process.name, search);
feat: Added filtering to Process Memory Provider
2023-01-05 08:30:15 +00:00
});
ui::SearchableWidget<MemoryRegion> m_regionSearchWidget = ui::SearchableWidget<MemoryRegion>([](const std::string &search, const MemoryRegion &memoryRegion) {
fix: Process Memory provider search not being case insensitive
2023-01-28 10:41:09 +00:00
return hex::containsIgnoreCase(memoryRegion.name, search);
feat: Added filtering to Process Memory Provider
2023-01-05 08:30:15 +00:00
});
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
#ifdef _WIN32
HANDLE m_processHandle = nullptr;
#elif __linux__
pid_t m_processId = -1;
#endif
feat: Added basic windows process memory provider
2023-01-01 01:29:38 +00:00
bool m_enumerationFailed = false;
};
feat: Added Linux support to the Process Memory Provider (#1331) <!-- Please provide as much information as possible about what your PR aims to do. PRs with no description will most likely be closed until more information is provided. If you're planing on changing fundamental behaviour or add big new features, please open a GitHub Issue first before starting to work on it. If it's not something big and you still want to contact us about it, feel free to do so ! --> ### Problem description <!-- Describe the bug that you fixed/feature request that you implemented, or link to an existing issue describing it --> Implement a Linux backend for the ProcessMemoryProvider plugin. ### Implementation description <!-- Explain what you did to correct the problem --> Most of the provider code is the same between Windows and Linux. The primary differences are: - enumerate PIDs in `/proc/` to get the process list - use `/proc/<PID>/cmdline` as the process name - parse `/proc/<PID>/maps` to get the module list - reading/writing from memory is done using `process_vm_readv`/`process_vm_writev` NOTE: `sudo setcap CAP_SYS_PTRACE=+eip build/imhex` must be run to give the binary permission to read another process' memory. Running as root user should also work but I would not recommend it. ### Additional things The existing translations keys no longer match since I moved the plugin from `windows` to `builtin`. I'm not well versed in C++ so I attempted to keep my changes rather simple. Feedback is very welcome. --------- Co-authored-by: WerWolv <werwolv98@gmail.com>
2023-12-07 22:33:15 +00:00
}
#endif