Main Page   Modules   Data Structures   File List   Data Fields   Examples  

memgrep.h

00001 #ifndef _MEMGREP_H
00002 #define _MEMGREP_H
00003 
00004 #include <elf.h>
00005 
00029 #define MEMGREP_CMD_INITIALIZE      0x00000001 
00030 
00036 #define MEMGREP_CMD_DEINITIALIZE    0x00000002
00037 
00049 #define MEMGREP_CMD_SET             0x00000003
00050 
00062 #define MEMGREP_CMD_GET             0x00000004
00063 
00078 #define MEMGREP_CMD_POPULATE        0x00000005
00079 
00094 #define MEMGREP_CMD_SEARCH          0x00000006
00095 
00112 #define MEMGREP_CMD_REPLACE         0x00000007
00113 
00138 #define MEMGREP_CMD_SEARCHREPLACE   0x00000008
00139 
00146 #define MEMGREP_CMD_DUMP            0x00000009
00147 
00152 #define MEMGREP_CMD_LISTSEGMENTS    0x0000000A
00153 
00160 #define MEMGREP_CMD_DESTROYRESULT   0x0000000B
00161 
00168 #define MEMGREP_CMD_HEAPENUMERATE   0x0000000C
00169 
00173 #define MEMGREP_PARAM_FLAGS         0x00000001
00174 
00177 #define MEMGREP_PARAM_LENGTH        0x00000002
00178 
00181 #define MEMGREP_PARAM_PADDING       0x00000003
00182 
00185 #define MEMGREP_PARAM_DUMPFORMAT    0x00000004
00186 
00190 #define MEMGREP_RESULT_TYPE_SEARCH  0x00000001
00191 
00194 #define MEMGREP_RESULT_TYPE_REPLACE 0x00000002
00195 
00198 #define MEMGREP_RESULT_TYPE_DUMP    0x00000003
00199 
00202 #define MEMGREP_RESULT_TYPE_HEAP    0x00000004
00203 
00207 #define MEMGREP_FLAG_VERBOSE        (1 << 0)
00208 
00211 #define MEMGREP_FLAG_PROMPT         (1 << 1)
00212 
00215 #define MEMGREP_FLAG_DUMPCLEAN      (1 << 2)
00216 
00222 enum MemoryMedium {
00226         MEMORY_MEDIUM_UNKNOWN = 0,
00230         MEMORY_MEDIUM_PID     = 1,
00234         MEMORY_MEDIUM_CORE    = 2
00235 };
00236 
00242 enum MemoryDumpFormat {
00246         MEMORY_DUMP_FORMAT_HEXINT   = 0,
00250         MEMORY_DUMP_FORMAT_HEXSHORT = 1,
00254         MEMORY_DUMP_FORMAT_HEXBYTE  = 2,
00258         MEMORY_DUMP_FORMAT_DECINT   = 3,
00262         MEMORY_DUMP_FORMAT_DECSHORT = 4,
00266         MEMORY_DUMP_FORMAT_DECBYTE  = 5,
00270         MEMORY_DUMP_FORMAT_PRINTABLE = 6,
00271 };
00272 
00278 typedef struct _process_section_addrs {
00279 
00283         unsigned long text;
00287         unsigned long textLength;
00291         unsigned long rodata;
00295         unsigned long rodataLength;
00299         unsigned long data;
00303         unsigned long dataLength;
00307         unsigned long bss;
00308 
00312         unsigned long stack;
00313 
00314 } PROCESS_SECTION_ADDRS;
00315 
00321 typedef struct _core_memory_sections {
00322 
00326         unsigned long vma;
00330         unsigned long length;
00331 
00335         unsigned long rma;
00336 
00337 } CORE_MEMORY_SECTIONS;
00338 
00344 typedef struct _mem_ctx_core_data {
00345 
00349         int                  fd;
00350 
00354         Elf32_Ehdr           elfHeader;
00358         Elf32_Phdr           *programHeaders;
00359 
00363         CORE_MEMORY_SECTIONS *sections;
00367         unsigned long        numSections;
00368 
00369 } MEM_CTX_CORE_DATA;
00370 
00371 struct _mem_ctx;
00372 
00378 typedef struct _memgrep_functions {
00379 
00386         unsigned long  (*open)(struct _mem_ctx *ctx);
00393         unsigned long  (*close)(struct _mem_ctx *ctx);
00394 
00401         unsigned long  (*getSections)(struct _mem_ctx *ctx);
00410         unsigned char *(*get)(struct _mem_ctx *ctx, unsigned long addr, unsigned long length);
00420         unsigned long  (*put)(struct _mem_ctx *ctx, unsigned long addr, unsigned char *buf, unsigned long bufLength);
00428         unsigned long  (*populateKeyword)(struct _mem_ctx *ctx, const char *keyword);
00435         unsigned long  (*listSegments)(struct _mem_ctx *ctx);
00436 
00446         unsigned long  (*heapEnumerate)(struct _mem_ctx *ctx, unsigned long current, unsigned long *addr, unsigned long *size);
00447 
00448 } MEMGREP_FUNCTIONS;
00449 
00455 typedef struct _memgrep_result_row {
00456 
00460         unsigned long length;
00471         unsigned long type;
00472 
00473 } MEMGREP_RESULT_ROW;
00474 
00480 typedef struct _memgrep_result {
00481 
00485         unsigned long      error;
00486 
00490         unsigned long      numRows;
00494         MEMGREP_RESULT_ROW **rows;
00495 
00496 } MEMGREP_RESULT;
00497 
00503 typedef struct _memgrep_result_row_search {
00504 
00508         MEMGREP_RESULT_ROW base;
00509 
00513         unsigned long      addr;
00514 
00515 } MEMGREP_RESULT_ROW_SEARCH;
00516 
00522 typedef struct _memgrep_result_row_heap {
00523 
00527         MEMGREP_RESULT_ROW base;
00528 
00532         unsigned long      addr;
00533 
00537         unsigned long      size;
00538 
00539 } MEMGREP_RESULT_ROW_HEAP;
00540 
00546 typedef struct _memgrep_result_row_replace {
00547 
00551         MEMGREP_RESULT_ROW base;
00552 
00556         unsigned long      addr;
00557 
00558 } MEMGREP_RESULT_ROW_REPLACE;
00559 
00565 typedef struct _memgrep_result_row_dump {
00566 
00570         MEMGREP_RESULT_ROW base;
00571 
00575         unsigned long      addr;
00579         unsigned char      *buf;
00583         unsigned long      bufLength;
00584 
00585 } MEMGREP_RESULT_ROW_DUMP;
00586 
00592 typedef struct _mem_ctx {
00593 
00604         unsigned long         flags;
00605 
00614         enum MemoryMedium     medium;
00615 
00619         int                   pid;
00623         char                  *core;
00624 
00628         MEMGREP_FUNCTIONS     functions;
00632         PROCESS_SECTION_ADDRS sections;
00633 
00637         unsigned long         *addrs;
00641         unsigned long         numAddrs;
00645         unsigned long         length;
00649         unsigned long         padding;
00653         enum MemoryDumpFormat dumpFormat;
00654 
00658         MEM_CTX_CORE_DATA     coreData;
00659 
00660 
00666         int procCtlFd;
00667         int procAsFd;
00668 
00669 } MEM_CTX;
00670 
00681 unsigned long memgrep(MEM_CTX *ctx, unsigned long cmd, MEMGREP_RESULT *result, unsigned long param, unsigned long data);
00682 
00683 /*
00684  * These functions should not be called directly.
00685  */
00686 
00687 unsigned long memgrep_initialize(MEM_CTX *ctx, enum MemoryMedium medium, void *data); // 1 for success, 0 for failure
00688 unsigned long memgrep_deinitialize(MEM_CTX *ctx); // 1 for success, 0 for failure
00689 unsigned long memgrep_set(MEM_CTX *ctx, unsigned long param, unsigned long data); // 1 for success, 0 for failure
00690 unsigned long memgrep_get(MEM_CTX *ctx, unsigned long param); // the value associated w/ the param
00691 unsigned long memgrep_populate_string(MEM_CTX *ctx, const char *addresses); // number of addresses populated
00692 unsigned long memgrep_populate_array(MEM_CTX *ctx, unsigned long *array, unsigned long elements); // number of addresses populated
00693 unsigned long memgrep_search(MEM_CTX *ctx, MEMGREP_RESULT *result, const char *searchPhrase); // number of addresses found
00694 unsigned long memgrep_replace(MEM_CTX *ctx, MEMGREP_RESULT *result, const char *replacePhrase); // number of addresses replaced
00695 unsigned long memgrep_searchreplace(MEM_CTX *ctx, MEMGREP_RESULT *result, const char *searchPhrase, const char *replacePhrase); // number of addresses search/replaced
00696 unsigned long memgrep_dump(MEM_CTX *ctx, MEMGREP_RESULT *result); // 1 for success, 0 for failure
00697 unsigned long memgrep_listSegments(MEM_CTX *ctx); // 1 for success, 0 for failure
00698 unsigned long memgrep_destroy(MEM_CTX *ctx, MEMGREP_RESULT *result); // Destroy a resultant value, 1 for success 0 for failure
00699 unsigned long memgrep_heapenumerate(MEM_CTX *ctx, MEMGREP_RESULT *result, unsigned long minSize); // 1 for success, 0 for failure
00700 
00705 #endif
Generated on Mon Dec 29 02:04:13 2003 for memgrep by doxygen1.2.15