From 2be2581c8089858c6ad581469cdf77c33d5c4f2a Mon Sep 17 00:00:00 2001 From: Ludovic Pouzenc Date: Wed, 14 Aug 2013 00:14:18 +0200 Subject: Ajout des outils pour observer la memoire de la version DOS du jeu qui tourne dans un dosbox --- src/dosbox_snif/main_dump.c | 39 ++++++ src/dosbox_snif/main_dump_delta.c | 248 ++++++++++++++++++++++++++++++++++++++ src/dosbox_snif/main_poke.c | 64 ++++++++++ src/dosbox_snif/rsp.c | 243 +++++++++++++++++++++++++++++++++++++ src/dosbox_snif/rsp.h | 27 +++++ src/dosbox_snif/rsp_lemm.c | 65 ++++++++++ src/dosbox_snif/rsp_lemm.h | 13 ++ src/dosbox_snif/utils.c | 112 +++++++++++++++++ src/dosbox_snif/utils.h | 11 ++ 9 files changed, 822 insertions(+) create mode 100644 src/dosbox_snif/main_dump.c create mode 100644 src/dosbox_snif/main_dump_delta.c create mode 100644 src/dosbox_snif/main_poke.c create mode 100644 src/dosbox_snif/rsp.c create mode 100644 src/dosbox_snif/rsp.h create mode 100644 src/dosbox_snif/rsp_lemm.c create mode 100644 src/dosbox_snif/rsp_lemm.h create mode 100644 src/dosbox_snif/utils.c create mode 100644 src/dosbox_snif/utils.h diff --git a/src/dosbox_snif/main_dump.c b/src/dosbox_snif/main_dump.c new file mode 100644 index 0000000..68bd4c0 --- /dev/null +++ b/src/dosbox_snif/main_dump.c 
@@ -0,0 +1,39 @@
+#include "rsp.h"
+#include "rsp_lemm.h"
+#include "utils.h"
+
+#include /* memset() */
+#include /* printf() */
+
+int main(int argc, char *argv[]) {
+ int rv, end=0;
+ struct rsp_state rsp;
+ char ds_si[10], command[16];
+
+ rv=rsp_lemm_init(&rsp, ds_si);
+ if ( rv != 0 ) {
+ printf("Error rsp_lemm_init() returns %i\n", rv);
+ return 1;
+ }
+
+ while (!end) {
+ rsp_query(&rsp, "c"); // Continue
+ if ( rsp.replied != 1 ) printf("Bug 03\n");
+ rsp_recv_full(&rsp);
+ if ( rsp_check_and_clear(&rsp, "S05") != 0 ) printf("Bug 04\n");
+
+ snprintf(command, 15, "m%s,0x2d", ds_si);
+ rsp_query(&rsp, command); // Read a lemming record
+ if ( rsp_decode(&rsp) != 0x2d * 2 ) {
+ printf("Bug 07\n");
+ } else {
+ printf("%s\n", rsp.decoded);
+ }
+ }
+
+
+ rsp_quit(&rsp);
+ return 0;
+}
+
+
diff --git a/src/dosbox_snif/main_dump_delta.c b/src/dosbox_snif/main_dump_delta.c
new file mode 100644
index 0000000..2e393c6
--- /dev/null
+++ b/src/dosbox_snif/main_dump_delta.c
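Review bot: `end` is initialised to 0 and never assigned, so `while (!end)` cannot terminate and the `rsp_quit(&rsp)` after it is unreachable; every failure path (`Bug 03`, `Bug 04`, `Bug 07`) prints and keeps querying a stub that may already have gone away. Make the reply failures end the loop, e.g. `if ( rsp.replied != 1 ) { printf("Bug 03\n"); end=1; continue; }`, and the same for the `S05` check. The same never-assigned loop flag appears in main_dump_delta.c (`end`) and main_poke.c (`end_loop`). `snprintf(command, 15, ...)` should also use `sizeof command` so the bound follows the declaration instead of a second hard-coded number.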
@@ -0,0 +1,248 @@ +#include "rsp.h" +#include "rsp_lemm.h" +#include "utils.h" + +#include /* uint16_t... */ +#include /* strcpy() */ +#include /* printf() */ + + +struct _state { + uint8_t s_splatting:1; //0X1 + uint8_t s_exploding:1; //0X2 combinable + uint8_t s_falling:1; //0X4 + uint8_t s_ascending:1; //0X8 + uint8_t s_digging:1; //0x10 + uint8_t s_climbing:1; //0x20 + uint8_t s_climb_ending:1; //0X40 + uint8_t s_building:1; //0X80 + + uint8_t s_blocking:1; //0X1 + uint8_t s_bashing:1; //0X2 + uint8_t s_floating:1; //0X4 + uint8_t s_mining:1; //0X8 + uint8_t s_drawning:1; //0x10 + uint8_t s_ending:1; //0x20 + uint8_t s_b7:1; //0X40 + uint8_t s_b8:1; //0X80 when exploding too ? +} __attribute__ ((__packed__)); + +union state { + uint16_t raw; + struct _state bf; +}; + +struct _flags1 { + uint8_t cap_climber:1; // 0x1 + uint8_t bit_1:1; + uint8_t bit_2:1; + uint8_t bit_3:1; + uint8_t bit_4:1; + uint8_t bit_5:1; + uint8_t bit_6:1; + uint8_t walk_pause_for_shruggling:1; // 0X80 +} __attribute__ ((__packed__)); + +union flags1 { + uint8_t raw; + struct _flags1 bf; +}; + +struct _lemm_data { + uint16_t x_effective; //0x0 - 0x1 + uint16_t y_effective; //0x2 - 0x3 + int16_t x_spr_offset; //0x4 - 0x5 + int16_t y_spr_offset; //0x6 - 0x7 + union state state; //0x8 - 0x9 + uint8_t b_10,b_11; + uint16_t spr_data_ptr; //0xc - 0xd + uint8_t floattime_dble; //0xe + uint8_t b_15,b_16,b_17,b_18,b_19; + uint16_t ptr2; //0x14 - 0x15 + uint8_t b_22,b_23,b_24,b_25,b_26,b_27,b_28,b_29,b_30,b_31; + uint8_t expl_countdown; //0x20 + uint8_t steps_remain; //0x21 + uint8_t b_34; + uint8_t falldist; //0x23 + union flags1 flags1; //0x24 + uint8_t cap_floater; //0x25 + uint8_t is_gone; //0x26 + int8_t direction; //0x27 + uint8_t spr_frame; //0x28 + uint8_t draw_hint; //0x29 + uint8_t b_42,b_43,b_44; +} __attribute__ ((__packed__)); + +union lemm_data { + unsigned char raw[0x2d]; + struct _lemm_data s; +}; + +enum draw_hint { + hint_nothing=0x00, hint_falling=0x04, hint_special1=0x08, /* 
climbing or slow falling or shruggling */ + hint_walking=0x09, hint_building=0x10, hint_mining=0x18, hint_bashing=0x20 +}; +char draw_hint_str[256][16]; + +enum state_bit { + s_splatting=0, s_exploding, s_falling, s_ascending, s_digging, s_climbing, s_climb_ending, s_building, + s_blocking, s_bashing, s_floating, s_mining, s_drawning, s_ending, s_b7, s_b8 +}; +char state_str[16][16]; + +int main(int argc, char *argv[]) { + int i, rv, end=0; + struct rsp_state rsp; + char ds_si[10], command[16]; + union lemm_data lemm, prevlemm; + + memset(lemm.raw, 0, sizeof(lemm.raw)); + + for (i=0;i<256;i++) strcpy(draw_hint_str[i], "hint_unknown"); + strcpy(draw_hint_str[hint_nothing], "hint_nothing"); + strcpy(draw_hint_str[hint_falling], "hint_falling"); + strcpy(draw_hint_str[hint_special1],"hint_special1"); + strcpy(draw_hint_str[hint_walking], "hint_walking"); + strcpy(draw_hint_str[hint_building],"hint_building"); + strcpy(draw_hint_str[hint_mining], "hint_mining"); + strcpy(draw_hint_str[hint_bashing], "hint_bashing"); + + strcpy(state_str[s_splatting],"s_splatting"); + strcpy(state_str[s_exploding],"s_exploding"); + strcpy(state_str[s_falling],"s_falling"); + strcpy(state_str[s_ascending],"s_ascending"); + strcpy(state_str[s_digging],"s_digging"); + strcpy(state_str[s_climbing],"s_climbing"); + strcpy(state_str[s_climb_ending],"s_climb_ending"); + strcpy(state_str[s_building],"s_building"); + strcpy(state_str[s_blocking],"s_blocking"); + strcpy(state_str[s_bashing],"s_bashing"); + strcpy(state_str[s_floating],"s_floating"); + strcpy(state_str[s_mining],"s_mining"); + strcpy(state_str[s_drawning],"s_drawning"); + strcpy(state_str[s_ending],"s_ending"); + strcpy(state_str[s_b7],"s_b7"); + strcpy(state_str[s_b8],"s_b8"); + + rv=rsp_lemm_init(&rsp, ds_si); + if ( rv != 0 ) { + printf("Error rsp_lemm_init() returns %i\n", rv); + return 1; + } + + while (!end) { + rsp_query(&rsp, "c"); // Continue + if ( rsp.replied != 1 ) printf("Bug 03\n"); + rsp_recv_full(&rsp); + if ( 
rsp_check_and_clear(&rsp, "S05") != 0 ) printf("Bug 04\n"); + + snprintf(command, 15, "m%s,0x2d", ds_si); + rsp_query(&rsp, command); // Read a lemming record + if ( rsp_decode(&rsp) != 0x2d * 2 ) { + printf("Bug 07\n"); + continue; + } + + memcpy(prevlemm.raw, lemm.raw, sizeof(lemm.raw)); + +// printf("%s\n", rsp.decoded); + rv = hexascii2bin(rsp.decoded, lemm.raw, sizeof(lemm.raw)); + if ( rv != sizeof(lemm.raw) ) { + printf("Bug 08\n"); + continue; + } + + for (i=0; i %i\n",prevlemm.s.x_spr_offset, lemm.s.x_spr_offset); + break; + case 0x6: // y_spr_offset + i=0x7; + case 0x7: // y_spr_offset + printf("y_spr_offset\t%i -> %i\n",prevlemm.s.y_spr_offset, lemm.s.y_spr_offset); + break; + case 0x8: // state + i=0x9; + case 0x9: // state + rv=bit_position(lemm.s.state.raw); + switch (rv) { + case -2: + //FIXME : boucle bit par bit car ya parfois de multiple bits... + printf("state\t\t%04x -> %04x (multiple)\n",prevlemm.s.state.raw, lemm.s.state.raw); + break; + case -1: + printf("state\t\t%04x -> %04x (none)\n",prevlemm.s.state.raw, lemm.s.state.raw); + break; + default: + printf("state\t\t%04x -> %04x (%s)\n",prevlemm.s.state.raw, lemm.s.state.raw, state_str[rv]); + break; + } + break; + case 0xc: // spr_data_ptr + i=0xd; + case 0xd: // spr_data_ptr + printf("spr_data_ptr\t%04x -> %04x\n",prevlemm.s.spr_data_ptr, lemm.s.spr_data_ptr); + break; + case 0xe: // floattime_dble ? + printf("floattime_dble\t%02x -> %02x\n",prevlemm.s.floattime_dble, lemm.s.floattime_dble); + break; + case 0x14: // ptr2 ? + i=0x15; + case 0x15: // ptr2 ? + printf("ptr2\t\t%04x -> %04x\n",prevlemm.s.ptr2, lemm.s.ptr2); + break; + case 0x20: //expl_countdown + if ( !( lemm.s.expl_countdown < 0x4e && lemm.s.expl_countdown > 0x02) ) { + // Skip detailing all 80 changes... 
Just beginning and ending + printf("expl_countdown\t%02x -> %02x\n",prevlemm.s.expl_countdown, lemm.s.expl_countdown); + } + break; + case 0x21: //steps_remain + printf("steps_remain\t%02x -> %02x\n",prevlemm.s.steps_remain, lemm.s.steps_remain); + break; + case 0x23: //falldist + printf("falldist\t%02x -> %02x\n",prevlemm.s.falldist, lemm.s.falldist); + break; + case 0x24: //flags1 + if ( prevlemm.s.flags1.bf.cap_climber != lemm.s.flags1.bf.cap_climber ) { + printf("cap_climber\t%2i -> %2i\n", prevlemm.s.flags1.bf.cap_climber, lemm.s.flags1.bf.cap_climber); + } else if ( prevlemm.s.flags1.bf.walk_pause_for_shruggling != lemm.s.flags1.bf.walk_pause_for_shruggling ) { + printf("walk_pause_for_shruggling\t%2i -> %2i\n", prevlemm.s.flags1.bf.walk_pause_for_shruggling, lemm.s.flags1.bf.walk_pause_for_shruggling); + } else { + printf("flags1.unknown\t%02x -> %02x\n",prevlemm.s.flags1.raw, lemm.s.flags1.raw); + } + break; + case 0x25: //cap_floater + printf("cap_floater\t%02x -> %02x\n",prevlemm.s.cap_floater, lemm.s.cap_floater); + break; + case 0x26: //is_gone + printf("is_gone\t%02x -> %02x\n",prevlemm.s.is_gone, lemm.s.is_gone); + break; + case 0x27: //direction + printf("direction\t%i -> %i\n",prevlemm.s.direction, lemm.s.direction); + break; + case 0x29: //draw_hint ? + printf("draw_hint\t\t%02x -> %02x (%s)\n",prevlemm.s.draw_hint, lemm.s.draw_hint, draw_hint_str[lemm.s.draw_hint]); + break; + default: + printf("(0x%02x)\t\t%02x -> %02x\n", i, prevlemm.raw[i], lemm.raw[i]); + } + } + } + rsp_quit(&rsp); + return 0; +} + diff --git a/src/dosbox_snif/main_poke.c b/src/dosbox_snif/main_poke.c new file mode 100644 index 0000000..e0048fa --- /dev/null +++ b/src/dosbox_snif/main_poke.c 
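Review bot: `union flags1` and `union state` overlay a `__attribute__((packed))` bit-field struct on the raw byte(s) and the `case 0x24` branch reads `flags1.bf.cap_climber` as if it were bit 0x1, but the allocation order of bit-fields within a unit is implementation-defined (C11 6.7.2.1), so the `//0X1` … `//0X80` annotations only hold for the compiler the author used. Testing the raw byte against a named mask, e.g. `(lemm.s.flags1.raw & 0x01)`, makes the mapping explicit and portable, which is what the state branch already does through `bit_position(lemm.s.state.raw)`. The overlay is also only correct if `struct _lemm_data` is exactly 0x2d bytes to match `raw[0x2d]`; a `_Static_assert(sizeof(struct _lemm_data) == 0x2d, "lemm record size")` next to the union would catch a padding or field-count slip at compile time (C11, if the toolchain allows). The multi-byte fields are interpreted in host byte order after the raw copy, which presumably only matches the guest's layout on little-endian hosts — worth one comment on the union.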
@@ -0,0 +1,64 @@
+#include "rsp.h"
+#include "rsp_lemm.h"
+#include "utils.h"
+
+#include /* memset() */
+#include /* printf() */
+
+int main(int argc, char *argv[]) {
+ int rv, i, end_input, end_loop;
+ struct rsp_state rsp;
+ char ds_si[10], command[16], input[100];
+ unsigned int poke_base, poke_off, poke_val;
+
+ rv=rsp_lemm_init(&rsp, ds_si);
+ if ( rv != 0 ) {
+ printf("Error rsp_lemm_init() returns %i\n", rv);
+ return 1;
+ }
+ if ( sscanf(ds_si, "%x", &poke_base) != 1 ) printf("Bug 20\n");;
+
+ end_loop=0;
+ while (!end_loop) {
+ rsp_query(&rsp, "c"); // Continue
+ if ( rsp.replied != 1 ) printf("Bug 03\n");
+ rsp_recv_full(&rsp);
+ if ( rsp_check_and_clear(&rsp, "S05") != 0 ) printf("Bug 04\n");
+
+ snprintf(command, 15, "m%s,0x2d", ds_si);
+ rsp_query(&rsp, command); // Read a lemming record
+ if ( rsp_decode(&rsp) != 0x2d * 2 ) {
+ printf("Bug 07\n");
+ } else {
+ for (i=0; rsp.decoded[i]!='\0'; i++) {
+ putchar(rsp.decoded[i]);
+ if (i%2==1) putchar(' ');
+ if (i%16==15) putchar(' ');
+ }
+ putchar('\n');
+ }
+
+ end_input=0;
+ do {
+ printf("address value ? "); fflush(stdout);
+ if ( fgets(input, 99, stdin) == NULL ) {
+ //printf("pb fgets\n");
+ end_input=1; continue;
+ }
+ if ( sscanf(input,"%x %x", &poke_off, &poke_val) != 2 ) {
+ //printf("pb sscanf\n");
+ end_input=1; continue;
+ }
+ if ( rsp_poke(&rsp, poke_base + poke_off, poke_val) != 0 ) {
+ printf("Bug 21\n");
+ end_input=1; continue;
+ }
+ } while ( !end_input );
+ }
+
+
+ rsp_quit(&rsp);
+ return 0;
+}
+
+
diff --git a/src/dosbox_snif/rsp.c b/src/dosbox_snif/rsp.c
new file mode 100644
index 0000000..c9957b7
--- /dev/null
+++ b/src/dosbox_snif/rsp.c
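Review bot: When `sscanf(ds_si, "%x", &poke_base)` fails the code prints `Bug 20` and carries on, and `poke_base` — an automatic that is never initialised — is later added to `poke_off` and sent to the stub, which is undefined behaviour and a write to an unintended guest address. Treat the failure as fatal: `if ( sscanf(ds_si, "%x", &poke_base) != 1 ) { printf("Bug 20\n"); rsp_quit(&rsp); return 1; }` (this also drops the stray second `;`). `fgets(input, 99, stdin)` and `snprintf(command, 15, ...)` should take `sizeof input` and `sizeof command` so the bounds follow the declarations rather than repeating the sizes by hand.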
@@ -0,0 +1,243 @@ +#include "rsp.h" + +/* recv() */ +#include +#include + +#include /* memset(), strncmp() */ +#include /* perror(), fprintf(), snprintf(), sscanf() */ +#include /* malloc(), free() */ +#include /* close() */ +#include /* EAGAIN... */ + +void _rsp_sniff_garbage(struct rsp_state *rsp) { + int recvbytes, rv; + + // Sniff garbages before sending command + recvbytes = recv(rsp->sockfd, rsp->response, rsp->data_maxlen, MSG_DONTWAIT); + if ( recvbytes < 0 ) { + rv = errno; + if ( rv == EAGAIN || rv == EWOULDBLOCK ) { + /* No garbage found, that's a good news */ + } else { + LOG_DEBUG("! <-(error %i)\n", rv); + } + recvbytes=0; + } + rsp->response[recvbytes] = '\0'; + if ( recvbytes > 0 ) { + LOG_DEBUG("! <-'%s'\n",rsp->response); + } +} + +int rsp_recv_full(struct rsp_state *rsp) { + + int rv, error=0, complete=0, full=0, sentbytes; + ssize_t bufoldpos=0, bufpos=0; + char *bom=NULL, *eom=NULL, *ptr; + unsigned char c, cack='+'; + unsigned int computed_checksum, read_checksum; + + do { + rv = recv(rsp->sockfd, rsp->response + bufpos, rsp->data_maxlen - bufpos, 0); + if ( rv < 0 ) { + switch (errno) { + case EAGAIN: + continue; + default: + error=1; + continue; + } + } + if ( rv == 0 ) { + error=1; + continue; + } + + bufoldpos = bufpos; + bufpos += rv; + + if ( bom == NULL ) { + bom = memchr(rsp->response + bufoldpos, '$', bufpos - bufoldpos); + } + + if ( bom != NULL && eom == NULL ) { + eom = memchr(bom, '#', bufpos - (bom - rsp->response) ); + } + + complete = bom && eom && (eom+2) <= (rsp->response + bufpos); // 2 char checksum after EOM + full = (bufpos >= rsp->data_maxlen); + + } while (!error && !complete && !full); + + if (error) return 1; + if (full) return 2; + + rsp->response[bufpos]='\0'; + + c=eom[3]; + eom[3]='\0'; + LOG_DEBUG(" <- '%s'\n", rsp->response); + + if ( (eom+3) < (rsp->response + bufpos - 1)) { + eom[3]=c; + LOG_DEBUG("? 
<- '%s'\n", eom+3); + } + + + rsp->response_len = eom - bom - 1; + rsp->response_bom = bom; + rsp->response_eom = eom; + + computed_checksum=0; + for (ptr = bom+1; ptr < eom; ptr++) { + computed_checksum = (computed_checksum + ((unsigned char)*ptr) ) % 256; + } + + rv = sscanf(eom + 1, "%02x", &read_checksum); + if ( rv != 1 || computed_checksum != read_checksum) return 3; + + rsp->replied = 1; + + if (rsp->noackmode !=1) { + sentbytes = send(rsp->sockfd, &cack, 1, 0); + if ( sentbytes < 1 ) return 4; + LOG_DEBUG("-> '+'\n"); + } + + return 0; +} + +int rsp_init(int sockfd, int data_maxlen, struct rsp_state *rsp) { + memset(rsp,0,sizeof(struct rsp_state)); + rsp->sockfd = sockfd; + rsp->data_maxlen = data_maxlen; + + rsp->command = malloc(data_maxlen+1); + if ( rsp->command == NULL ) return 1; + + rsp->response = malloc(data_maxlen+1); + if ( rsp->response == NULL ) return 1; + + rsp->decoded = malloc(data_maxlen+1); + if ( rsp->decoded == NULL ) return 1; + +/* + rsp_query(rsp, "QStartNoAckMode"); + if ( rsp_check_and_clear(rsp, "OK") == 0 ) rsp->noackmode=1; +*/ + return 0; +} + +void rsp_quit(struct rsp_state *rsp) { + //rsp_query(rsp, "k"); + if ( rsp->command != NULL ) free(rsp->command); + if ( rsp->response != NULL ) free(rsp->response); + if ( rsp->decoded != NULL ) free(rsp->decoded); + close(rsp->sockfd); + memset(rsp,0,sizeof(struct rsp_state)); +} + +void rsp_send_break(struct rsp_state *rsp) { + int sentbytes; + char cbreak=3; + + rsp->replied = 0; + rsp->response_len = 0; + + _rsp_sniff_garbage(rsp); + + sentbytes = send(rsp->sockfd, &cbreak, 1, 0); + if ( sentbytes < 1 ) return; + LOG_DEBUG("-> '^C'\n"); + + rsp_recv_full(rsp); +} + +void rsp_query(struct rsp_state *rsp, char command[]) { + int sentbytes; + unsigned int checksum, i; + unsigned char c; + + + rsp->replied = 0; + rsp->response_len = 0; + + i=0; checksum=0; + while ( (c=command[i++]) != '\0' ) { + checksum = (checksum + c ) % 256; + } + + rsp->command_len = snprintf(rsp->command, 
rsp->data_maxlen, "$%s#%02x", command, checksum); + if (rsp->command_len < 5) return; + + _rsp_sniff_garbage(rsp); + + sentbytes = send(rsp->sockfd, rsp->command, rsp->command_len, 0); + if ( sentbytes < rsp->command_len ) return; + LOG_DEBUG("-> '%s'\n", rsp->command); + + + rsp_recv_full(rsp); +} + +int rsp_check_and_clear(struct rsp_state *rsp, char expected_response[]) { + + int expected_responselen = strlen(expected_response); + + if ( rsp->replied != 1 ) return 1; + rsp->replied = 0; + + if ( rsp->response_len < expected_responselen ) return 2; + if ( strncmp(rsp->response_bom + 1, expected_response, expected_responselen) != 0 ) return 3; + + return 0; +} + +int rsp_decode(struct rsp_state *rsp) { +/* +Response data can be run-length encoded to save space. Run-length encoding replaces runs of identical characters with one instance of the repeated character, followed by a ‘*’ and a repeat count. The repeat count is itself sent encoded, to avoid binary characters in data: a value of n is sent as n+29. For a repeat count greater or equal to 3, this produces a printable ascii character, e.g. a space (ascii code 32) for a repeat count of 3. (This is because run-length encoding starts to win for counts 3 or more.) Thus, for example, ‘0* ’ is a run-length encoding of “0000”: the space character after ‘*’ means repeat the leading 0 32 - 29 = 3 more times. + +The printable characters ‘#’ and ‘$’ or with a numeric value greater than 126 must not be used. Runs of six repeats (‘#’) or seven repeats (‘$’) can be expanded using a repeat count of only five (‘"’). For example, ‘00000000’ can be encoded as ‘0*"00’. 
+*/ + char src, *srcptr, *dstptr; + int repe, max; + + if ( rsp->replied != 1 ) return -1; + + dstptr = rsp->decoded; + for ( srcptr = rsp->response_bom+1; srcptr < rsp->response_eom; srcptr++ ) { + // FIXME : implemnt RLE decoding + src = *srcptr; + switch (src) { + case '*': + srcptr++; + repe=(*srcptr)-29; + if (repe < 2 ) return -1; + max = rsp->decoded + rsp->data_maxlen - 1 - dstptr; + if ( repe > max ) { repe = max; } + memset(dstptr, *(srcptr-2), repe); + dstptr += repe; + break; + default: + *(dstptr++) = *srcptr; + break; + } + } + *dstptr='\0'; + + return dstptr - rsp->decoded; +} + +int rsp_poke(struct rsp_state *rsp, unsigned int poke_addr, unsigned int poke_value) { + char command[16]; + printf("DEBUG : rsp_poke()\n"); + if ( snprintf(command, 15, "M %4x,2:%2x", poke_addr & 0xffff, poke_value & 0xff) < 11 ) return 1; + printf("DEBUG : command == '%s'\n", command); + rsp_query(rsp, command); // Send the poke command to GDB stub + printf("DEBUG : response == '%s'\n", rsp->response); + if ( rsp_check_and_clear(rsp, "OK") != 0 ) return 2; + + return 0; +} + diff --git a/src/dosbox_snif/rsp.h b/src/dosbox_snif/rsp.h new file mode 100644 index 0000000..c8f1378 --- /dev/null +++ b/src/dosbox_snif/rsp.h 
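Review bot: `rsp_decode` bounds only the run-length branch: `max` caps a `*` expansion at the end of `decoded`, but the `default` branch does `*(dstptr++) = *srcptr` with no check, so once an expansion has filled the buffer every following literal byte lands past the `data_maxlen + 1` bytes `rsp_init` allocated, and the next `*` then computes a negative `max`, assigns it to `repe`, and calls `memset` with that value converted to `size_t`. The packet comes straight from the debugger socket, so a malformed stub reply is enough to corrupt the tool's heap; the rewrite below returns -1 for a literal that would overrun, a repeat count at or past `response_eom`, a `*` with no preceding byte to repeat, and an expansion that does not fit — callers already treat a wrong length as a bad record, so silent truncation is not needed. Separately, `complete` in `rsp_recv_full` is satisfied when `eom+2 == rsp->response + bufpos`, i.e. before the second checksum digit has been received, which then makes the `sscanf(eom + 1, "%02x", ...)` see a one-digit value; `complete = bom && eom && (eom+3) <= (rsp->response + bufpos);` requires both digits to be in the buffer.
```c
	for ( srcptr = rsp->response_bom+1; srcptr < rsp->response_eom; srcptr++ ) {
		src = *srcptr;
		switch (src) {
		case '*':
			// the repeat count must lie before '#', and there must be a byte before '*' to repeat
			if ( srcptr + 1 >= rsp->response_eom || srcptr == rsp->response_bom + 1 ) return -1;
			srcptr++;
			repe=(*srcptr)-29;
			if (repe < 2 ) return -1;
			max = rsp->decoded + rsp->data_maxlen - 1 - dstptr;
			if ( repe > max ) return -1; // expansion would not fit in decoded[]
			memset(dstptr, *(srcptr-2), repe);
			dstptr += repe;
			break;
		default:
			if ( dstptr >= rsp->decoded + rsp->data_maxlen ) return -1; // keep room for the terminating '\0'
			*(dstptr++) = *srcptr;
			break;
		}
	}
	// … unchanged: terminate decoded and return its length …
```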
@@ -0,0 +1,27 @@
+#ifndef _RSP_H
+#define _RSP_H
+
+#define LOG_DEBUG(...)
+//#include
+//#define LOG_DEBUG(...) printf(__VA_ARGS__)
+
+struct rsp_state {
+ int sockfd;
+ int data_maxlen;
+ int noackmode;
+ int replied;
+ int command_len, response_len;
+ char *command, *response, *decoded; /* Malloc'ed */
+ char *response_bom, *response_eom; /* Just pointers on *response string */
+};
+
+int rsp_init(int sockfd, int data_maxlen, struct rsp_state *rsp);
+void rsp_quit(struct rsp_state *rsp);
+void rsp_send_break(struct rsp_state *rsp);
+void rsp_query(struct rsp_state *rsp, char command[]);
+int rsp_check_and_clear(struct rsp_state *rsp, char expected_response[]);
+int rsp_recv_full(struct rsp_state *rsp);
+int rsp_decode(struct rsp_state *rsp);
+int rsp_poke(struct rsp_state *rsp, unsigned int poke_addr, unsigned int poke_value);
+
+#endif /*_RSP_H*/
diff --git a/src/dosbox_snif/rsp_lemm.c b/src/dosbox_snif/rsp_lemm.c
new file mode 100644
index 0000000..e39ef30
--- /dev/null
+++ b/src/dosbox_snif/rsp_lemm.c
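Review bot: `struct rsp_state` documents neither ownership nor validity of its pointer members, which every caller in this commit relies on: `command`, `response` and `decoded` are allocated by `rsp_init` (`data_maxlen + 1` bytes each) and released by `rsp_quit`, while `response_bom`/`response_eom` point into `response`, are only meaningful once `rsp_recv_full` has set `replied` to 1, and are overwritten by the next query. A block comment on the struct stating that contract, and `const char *` on the `command`/`expected_response` inputs of `rsp_query` and `rsp_check_and_clear`, would make the header self-describing. `_RSP_H` (and `_RSP_LEMM_H`, `_UTILS_H` in the sibling headers) begin with an underscore and an uppercase letter, a namespace reserved for the implementation (C11 7.1.3); `RSP_H_` avoids the clash, and the `#endif /*_UTIL_H*/` comment in utils.h does not match its own guard.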
@@ -0,0 +1,65 @@
+#include "rsp_lemm.h"
+#include "utils.h"
+
+#include /* memset(), strncmp() */
+#include /* printf() */
+
+int rsp_lemm_init(struct rsp_state *rsp, char *ds_si) {
+ int rv;
+ int sockfd;
+
+ memset(ds_si,'X',10);
+ ds_si[9]='\0';
+
+ rv = tcp_client_init(HOST, PORT, &sockfd);
+ if ( rv != 0 ) return rv;
+
+ rsp_init(sockfd, MAXDATASIZE-1, rsp);
+
+/*
+ rsp_query(rsp, "qRcmd,666c61745f6569702c30"); //flat_eip,0
+ if ( rsp_check_and_clear(rsp, "OK") != 0 ) printf("Bug\n");
+*/
+ rsp_query(rsp, "?");
+ if ( rsp_check_and_clear(rsp, "S05") != 0 ) {
+ // The program is not stopped
+ rsp_send_break(rsp); // Request to freeze the program
+ if ( rsp->replied != 1 ) return 10;
+ }
+
+ rsp_query(rsp, "Z0,38C4,1"); // Set execution breakpoint at 0208:1844 (0x38C4)
+ if ( rsp_check_and_clear(rsp, "OK") != 0 ) return 11;
+
+ do {
+ rsp_query(rsp, "c"); // Continue
+ if ( rsp->replied != 1 ) continue; //return 12;
+ rsp_recv_full(rsp);
+ if ( rsp_check_and_clear(rsp, "S05") != 0 ) continue; //return 13;
+// (void) rsp_check_and_clear(rsp, "S05");
+
+ rsp_query(rsp, "p8"); // Read $eip (/!\ byte order. ex : $e4b0* !#76 )
+// if ( rsp_check_and_clear(rsp, "c4380000") != 0 ) return 14;
+ } while ( rsp_check_and_clear(rsp, "c4380000") != 0 );
+
+ rsp_query(rsp, "pc"); // Read $ds
+ if ( rsp_decode(rsp) <8 ) return 15;
+ ds_si[0]=rsp->decoded[2];
+ ds_si[1]=rsp->decoded[3];
+ ds_si[2]=rsp->decoded[0];
+ ds_si[3]=rsp->decoded[1];
+ ds_si[4]=':';
+
+ rsp_query(rsp, "p6"); // Read $si
+ if ( rsp_decode(rsp) <8 ) return 16;
+ ds_si[5]=rsp->decoded[2];
+ ds_si[6]=rsp->decoded[3];
+ ds_si[7]=rsp->decoded[0];
+ ds_si[8]=rsp->decoded[1];
+
+ printf("ds:si == %s\n", ds_si);
+ flatten(ds_si);
+ printf("$ds_si == %s\n", ds_si);
+
+ return 0;
+}
+
diff --git a/src/dosbox_snif/rsp_lemm.h b/src/dosbox_snif/rsp_lemm.h
new file mode 100644
index 0000000..bd95d4f
--- /dev/null
+++ b/src/dosbox_snif/rsp_lemm.h
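Review bot: The return value of `rsp_init(sockfd, MAXDATASIZE-1, rsp)` is discarded; `rsp_init` returns 1 when any of its three `malloc` calls fails and leaves the remaining members NULL, and the very next `rsp_query(rsp, "?")` then `snprintf`s into a NULL `command`. `if ( rsp_init(sockfd, MAXDATASIZE-1, rsp) != 0 ) { rsp_quit(rsp); return 3; }` closes the socket and frees whatever was allocated, since `rsp_quit` already tolerates NULL members and 3 is not among the codes this function returns. `ds_si` is written as a 10-byte buffer (`memset(ds_si,'X',10)`, `ds_si[9]='\0'`) and ends up holding the flattened hex address, which belongs in a comment on the function, e.g. `/* ds_si: caller-supplied buffer of at least 10 bytes; on success holds the flat address as a NUL-terminated hex string */`. The stop-reply loop `continue`s on `replied != 1` and on a missing `S05`, so a stub that stops answering spins here forever instead of returning the commented-out 12/13 codes.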
@@ -0,0 +1,13 @@
+#ifndef _RSP_LEMM_H
+#define _RSP_LEMM_H
+
+#include "rsp.h"
+
+#define HOST "localhost"
+#define PORT "1234"
+#define MAXDATASIZE 1400
+
+
+int rsp_lemm_init(struct rsp_state *rsp, char *ds_si);
+
+#endif /*_RSP_LEMM_H*/
diff --git a/src/dosbox_snif/utils.c b/src/dosbox_snif/utils.c
new file mode 100644
index 0000000..8e26d46
--- /dev/null
+++ b/src/dosbox_snif/utils.c
@@ -0,0 +1,112 @@ +#include "utils.h" + +/* socket() */ +#include +#include +#include +/* getaddrinfo() */ +#include +#include +/* inet_ntop() */ +#include +#define GET_SOCK_IN_ADDR(sa) (((struct sockaddr*)sa)->sa_family == AF_INET)?(void *)&(((struct sockaddr_in*)sa)->sin_addr):(void *)&(((struct sockaddr_in6*)sa)->sin6_addr) + +#include /* memset(), strncmp() */ +#include /* perror(), fprintf(), snprintf(), sscanf() */ +#include /* malloc(), free() */ +#include /* close() */ +#include /* EAGAIN... */ + + +int tcp_client_init(char host[], char port[], int *sockfd) { + int rv, flag=1; + char s[INET6_ADDRSTRLEN]; + struct addrinfo hints, *servinfo, *p; + memset(&hints,0,sizeof(struct addrinfo)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + + if ((rv = getaddrinfo(host, port, &hints, &servinfo)) != 0) { + fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv)); + return 1; + } + + + // loop through all the results and connect to the first we can + for(p = servinfo; p != NULL; p = p->ai_next) { + if ((*sockfd = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) { + //perror("client: socket"); + continue; + } + + if ( setsockopt(*sockfd, IPPROTO_TCP, TCP_NODELAY, (char *) &flag, sizeof(flag)) != 0 ) { + perror("client: setsockopt TCP_NODELAY"); + } + + if (connect(*sockfd, p->ai_addr, p->ai_addrlen) == -1) { + close(*sockfd); + //perror("client: connect"); + continue; + } + + break; + } + + freeaddrinfo(servinfo); + + if (p == NULL) { + fprintf(stderr, "client: failed to connect\n"); + return 2; + } + + inet_ntop(p->ai_family, GET_SOCK_IN_ADDR(p->ai_addr), s, sizeof s); + printf("client: connecting to %s\n", s); + + return 0; +} + +void flatten(char *seg_off) { + unsigned int seg=0, off=0, flat; + sscanf(seg_off, "%4x", &seg); + sscanf(seg_off+5, "%4x", &off); + flat= (seg<<4) + off; + snprintf(seg_off, 9, "%x", flat); +} + + +int hexascii2bin(char src[], void *dst, int maxlen) { + int i; + unsigned char offset; + for (i=0; i= '0' && 
src[i] <= '9' ) offset='0'; + else if ( src[i] >= 'a' && src[i] <= 'f' ) offset='a' - 10; + else if ( src[i] >= 'A' && src[i] <= 'F' ) offset='A' - 10; + else break; + + if ( i % 2 == 0 ) { + ((unsigned char *)dst)[i/2] = (src[i]-offset) << 4; + } else { + ((unsigned char *)dst)[i/2] += (src[i]-offset); + } + } + return i/2; +} + +// Indicate the position of the bit that is on +// If multiple bits activated, returns -2 +// If no bits activated, return -1 +int bit_position(uint16_t flags) { + int i, pos; + pos=-1; // Not found yet + for (i=0;i<16;i++) { + if ( (flags >> i) & 0x0001 ) { + if ( pos == -1 ) { + pos=i; + } else { + return -2; + } + } + } + return pos; +} diff --git a/src/dosbox_snif/utils.h b/src/dosbox_snif/utils.h new file mode 100644 index 0000000..a7031a8 --- /dev/null +++ b/src/dosbox_snif/utils.h @@ -0,0 +1,11 @@ +#ifndef _UTILS_H +#define _UTILS_H + +#include + +int tcp_client_init(char host[], char port[], int *sockfd); +void flatten(char *seg_off); +int hexascii2bin(char src[], void *dst, int maxlen); +int bit_position(uint16_t flags); + +#endif /*_UTIL_H*/ -- cgit v1.2.3
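Review bot: `tcp_client_init` calls `freeaddrinfo(servinfo)` and afterwards dereferences `p` (`p->ai_family`, `p->ai_addr`) for `inet_ntop`, but `p` is a node of the list just freed, so this is a use-after-free that only prints the right address until the allocator reuses the block. Move the two reporting lines ahead of the free, guarded for the not-found case: `if (p != NULL) { inet_ntop(p->ai_family, GET_SOCK_IN_ADDR(p->ai_addr), s, sizeof s); printf("client: connecting to %s\n", s); }` placed immediately before `freeaddrinfo(servinfo);`, leaving the `p == NULL` return after it unchanged. `GET_SOCK_IN_ADDR` expands to an unparenthesised conditional expression; wrapping the whole expansion in parentheses is the usual guard so it survives being used inside a larger expression. `hexascii2bin`'s loop header is garbled in this rendering, so its bound could not be reviewed here; its callers pass `sizeof(lemm.raw)` as `maxlen` and check the returned byte count, which is the right shape.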