From ca8a86e9441d756d59e4624564e7ec2852bb6ddd Mon Sep 17 00:00:00 2001 From: Ulf Frisk Date: Sun, 16 Mar 2025 00:07:37 +0100 Subject: [PATCH] Version 5.14.6 --- includes/lib32/leechcore.lib | Bin 5360 -> 5360 bytes includes/lib32/vmm.lib | Bin 31412 -> 31412 bytes includes/lib64/leechcore.lib | Bin 5268 -> 5268 bytes includes/lib64/vmm.lib | Bin 30800 -> 30800 bytes includes/libarm64/leechcore.lib | Bin 5268 -> 5268 bytes includes/libarm64/vmm.lib | Bin 30800 -> 30800 bytes m_vmemd/version.h | 4 +- memprocfs/version.h | 4 +- vmm/version.h | 4 +- vmmpyc/version.h | 4 +- vmmpyc/vmmpyc.c | 16 +++++-- vmmpyc/vmmpycplugin.c | 44 ++++++++++++------- vmmrust/leechcore_example/Cargo.toml | 2 +- vmmrust/m_example_plugin/Cargo.toml | 2 +- vmmrust/memprocfs/Cargo.toml | 2 +- vmmrust/memprocfs_example/Cargo.toml | 2 +- vmmsharp/vmmsharp/Properties/AssemblyInfo.cs | 4 +- vmmsharp/vmmsharp/vmmsharp.csproj | 2 +- 18 files changed, 54 insertions(+), 36 deletions(-) diff --git a/includes/lib32/leechcore.lib b/includes/lib32/leechcore.lib index cd3683dae410feef09adf05354a54dccaa04cf53..6f5d403aef8c13334383c7b8bb3e442862f2d2ec 100644 GIT binary patch delta 114 zcmeyM`9X7o69?zMl^2imGcqu6Os?gUo_v8@dU7L2DT_A4&-Tf`IHH+;wr>vSlx1WU zUM2Zz_vDS-@{?z9Wx%A>xg3)7a|`q`Q-G>XxyxC4K4%@Cyn%ZIOo8;|dL9mt8J#@o F900+~EDitw delta 114 zcmeyM`9X7o69?!2_rY)Z85tNjCf9OFPrkq{J-Lyiltqi7t!?rzj%cQ~w$0(3vW%?U zezPv@p1hG;e)0^i44AY!mqT)XZh>BA3Q)BvcR9<=^tA7jH*jx&DUhCA&%*&Sqmw6{ F0{~gTDRuw= diff --git a/includes/lib32/vmm.lib b/includes/lib32/vmm.lib index ed71cc369c534de49d3a8920ea6bc8b4f03e00df..8a09443717f95ca68205022d3722c9b191c222da 100644 GIT binary patch delta 110 zcmdn;m2t~g#tp0NSiUWu_;d0)yHzaO3_sf^`#GvlZnoEB0y66zr6!-X|IQk{E9uzQ v$-f=tC%Qd$ok;W delta 110 zcmdn;m2t~g#tp0NSU!37-I%=2ZWW6bLtEQqKS%Y+&GvdsKxVz8)a0}F-&xbXZM?K~ u@^44^$uAs|V5;;XD#}^Z%P+r}{L2xpU7E`wIX|~RFEa&V#OCKtXUzegFE4Tc diff --git a/includes/lib64/leechcore.lib b/includes/lib64/leechcore.lib index 3041a533a377c91c2afde2a088ce0744e6208a5e..ff0704c4ad8c8569f811afef851a6a3a361b5029 100644 GIT binary patch delta 118 zcmbQDIYo2BH+IhAFL&PXGcqu6Og7|_o-D;Nfkm6)XZz%J9MMca+c$G_$}+N4HZJ@) zS%<3wCZj(2J{Jd2b}~1o)MRGvSk|t%M~ClE*5#51>X)88pSu*MQW;6*=6D`c4gky} BDLw!I delta 118 zcmbQDIYo2BH+Ig6?|2UKGcqu6Og7|_o-D;NfklgvG8h^-E8l&s_>rsf?s@b3BhJ2LRca BCFB4A diff --git a/includes/lib64/vmm.lib b/includes/lib64/vmm.lib index 234ef45d5698e337439642b610d681ae6adf2d99..9a631ff582a80189089579f04d564211890c0e4f 100644 GIT binary patch delta 112 zcmcccf$_oz#trLiIFH@2IL*w+z`!y2qMh_)IS1*AT3PfoB6W%}8^dAqG3 zBdc{%4jjCMVd2GPSjB-fk<% z$f~9H_TARW|Lx@`zp+b#Nvlsj@4x|6GP&8loMqo~n@f}b*{_00DnlhV-*hN92LL4^ BEtdcQ diff --git a/includes/libarm64/leechcore.lib b/includes/libarm64/leechcore.lib index 777be084bbeb234cfe9efdcaa92d676b11c0edb8..1d87b10b777d3a66399639f8842ddd1370726848 100644 GIT binary patch delta 118 zcmbQDIYo2BH+D|-(D<|bj0_AMlMT6~CrfcmV9{py**NyV_RZX!vWzUuD*}#B z*5T@a$*51h&&2_hoy^TCHJO<^mbLxLj34(W>vG8h^-E8l&s_>rsf?s@b3BhJ2LSrM BCrbbT delta 118 zcmbQDIYo2BH+Ige?KWrl85tNjCL3}|PnP1Cz@o*_);4(^M>JDg+h%S~Sw@z3QQLk^ z*5T@a$*51h&&2_hoy^TCHJO<^mUZRA%eU@N*5#51>X)88pSu*MQW;6*=6D`c4geHt BCXN6A diff --git a/includes/libarm64/vmm.lib b/includes/libarm64/vmm.lib index 71cd0616b819fb80865a40ff2c873337c643387e..d2517a4ee5ca9e3407ddd600df5e424d76c1302c 100644 GIT binary patch delta 112 zcmcccf$_oz#trLiIIm5JKf%n%z`!y2qMh_)IS1*AT3PfoB6W%}8^dAqG3 zBkR+7ryg&e{NG-F@*BG(n6&!j^9~$9C6k-&%UOyu;_pxXXTJ(2sSK6eeAA)a8~~8U BFjxQp delta 112 zcmcccf$_oz#trLiI79yW{b6QgVBna1(N21@oP+e_w>J4KS`2M%lM`%1ncCVmZ?_d> zWZn5q>Gjsh|Lx@`zp+b#Nvlsj@4x|6GP&8loW=c;*VoDa>{r1gm7$WGZ#tBl0{{zU BEp`9^ diff --git a/m_vmemd/version.h b/m_vmemd/version.h index 6f6765b..ee0372b 100644 --- a/m_vmemd/version.h +++ b/m_vmemd/version.h @@ -3,8 +3,8 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 14 -#define VERSION_REVISION 5 -#define VERSION_BUILD 195 +#define VERSION_REVISION 6 +#define VERSION_BUILD 196 #define VER_FILE_DESCRIPTION_STR "MemProcFS : Plugin vmemd" #define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD diff --git a/memprocfs/version.h b/memprocfs/version.h index b82d769..0efc814 100644 --- a/memprocfs/version.h +++ b/memprocfs/version.h @@ -3,8 +3,8 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 14 -#define VERSION_REVISION 5 -#define VERSION_BUILD 195 +#define VERSION_REVISION 6 +#define VERSION_BUILD 196 #define VER_FILE_DESCRIPTION_STR "MemProcFS" #define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD diff --git a/vmm/version.h b/vmm/version.h index 337501d..c23005b 100644 --- a/vmm/version.h +++ b/vmm/version.h @@ -3,8 +3,8 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 14 -#define VERSION_REVISION 5 -#define VERSION_BUILD 195 +#define VERSION_REVISION 6 +#define VERSION_BUILD 196 #define VER_FILE_DESCRIPTION_STR "MemProcFS : Core" #define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD diff --git a/vmmpyc/version.h b/vmmpyc/version.h index 7eacbda..df9426a 100644 --- a/vmmpyc/version.h +++ b/vmmpyc/version.h @@ -3,8 +3,8 @@ #define VERSION_MAJOR 5 #define VERSION_MINOR 14 -#define VERSION_REVISION 5 -#define VERSION_BUILD 195 +#define VERSION_REVISION 6 +#define VERSION_BUILD 196 #define VER_FILE_DESCRIPTION_STR "MemProcFS : Python API" #define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION, VERSION_BUILD diff --git a/vmmpyc/vmmpyc.c b/vmmpyc/vmmpyc.c index 6d9e36a..c38b527 100644 --- a/vmmpyc/vmmpyc.c +++ b/vmmpyc/vmmpyc.c @@ -173,7 +173,7 @@ DWORD VmmPyc_MemReadType_TypeCheck(_In_ PyObject* pyUnicodeTp, _Out_ PDWORD pcbT DWORD dw; BYTE b4[4]; } tp = { 0 }; - SIZE_T cch; + Py_ssize_t cch; char *sz; if((pyBytes = PyUnicode_AsUTF8String(pyUnicodeTp))) { PyBytes_AsStringAndSize(pyBytes, &sz, &cch); @@ -210,20 +210,28 @@ DWORD VmmPyc_MemReadType_TypeCheck(_In_ PyObject* pyUnicodeTp, _Out_ PDWORD pcbT PyObject* VmmPyc_MemReadType_TypeGet(_In_ DWORD tp, _In_ PBYTE pb, _In_ DWORD cbRead) { + long l; + DWORD dw = 0; BYTE pbZERO[8] = { 0 }; switch(tp) { case 'i8 ': - return PyLong_FromLong(*(BYTE*)((cbRead >= 1) ? pb : pbZERO)); break; + if(cbRead >= 1) { dw = *(BYTE*)pb; } + l = (long)((dw & 0x80) ? (0 - dw) : dw); + return PyLong_FromLong(l); break; case 'u8 ': return PyLong_FromUnsignedLong(*(BYTE*)((cbRead >= 1) ? pb : pbZERO)); break; case 'i16 ': - return PyLong_FromLong(*(WORD*)((cbRead >= 2) ? pb : pbZERO)); break; + if(cbRead >= 2) { dw = *(WORD*)pb; } + l = (long)((dw & 0x8000) ? (0 - dw) : dw); + return PyLong_FromLong(l); break; case 'u16 ': return PyLong_FromUnsignedLong(*(WORD*)((cbRead >= 2) ? pb : pbZERO)); break; case 'f32 ': return PyFloat_FromDouble(*(float*)((cbRead >= 4) ? pb : pbZERO)); break; case 'i32 ': - return PyLong_FromLong(*(DWORD*)((cbRead >= 4) ? pb : pbZERO)); break; + if(cbRead >= 4) { dw = *(DWORD*)pb; } + l = (long)((dw & 0x80000000) ? (0 - dw) : dw); + return PyLong_FromLong(l); break; case 'u32 ': return PyLong_FromUnsignedLong(*(DWORD*)((cbRead >= 4) ? pb : pbZERO)); break; case 'f64 ': diff --git a/vmmpyc/vmmpycplugin.c b/vmmpyc/vmmpycplugin.c index 1831699..d0d7e03 100644 --- a/vmmpyc/vmmpycplugin.c +++ b/vmmpyc/vmmpycplugin.c @@ -285,7 +285,7 @@ BOOL PY2C_Exec(_In_ VMM_HANDLE H, _In_ LPSTR uszPythonCodeToExec, _Out_ LPSTR *p if(!pyStrResultOfExec || !PyUnicode_Check(pyStrResultOfExec)) { goto pyfail; } pyBytesResultOfExec = PyUnicode_AsUTF8String(pyStrResultOfExec); if(!pyBytesResultOfExec || !PyBytes_Check(pyBytesResultOfExec)) { goto pyfail; } - PyBytes_AsStringAndSize(pyBytesResultOfExec, &uszResultOfExec, &cuszResultOfExec); + PyBytes_AsStringAndSize(pyBytesResultOfExec, &uszResultOfExec, (Py_ssize_t*)&cuszResultOfExec); if(!uszResultOfExec) { goto pyfail; } *puszResultOfExec = LocalAlloc(0, cuszResultOfExec + 1); if(!*puszResultOfExec) { goto pyfail; } @@ -438,7 +438,9 @@ BOOL VmmPyPlugin_PythonInitializeEmbedded(_In_ VMM_HANDLE H, _In_ HMODULE hDllPy Py_SetPath(wszPathPython); VMMDLL_Log(H, VMMDLL_MID_PYTHON, VMMDLL_LOGLEVEL_DEBUG, "PythonPath: %S", wszPathPython); Py_Initialize(); - PyEval_InitThreads(); +#if PY_VERSION_HEX <= 0x03060000 + PyEval_InitThreads(); // Required for Python 3.6 +#endif // 4: Import VmmPyPlugin library/file to start the python part of the plugin manager. pyName = PyUnicode_DecodeFSDefault("vmmpyplugin"); if(!pyName) { goto fail; } @@ -474,13 +476,24 @@ VOID Util_GetPathDllA(_Out_writes_(MAX_PATH) LPSTR szPath, _In_opt_ HMODULE hMod } } -#define PYTHON_IMPORT_PRE "import sys\nsys.path.append(\"" -#define PYTHON_IMPORT_POST "\")" +VOID Util_PyAddSysPath(LPCSTR szPath) +{ + PyObject *pySysPath, *pyPath; + pySysPath = PySys_GetObject("path"); + if(pySysPath && PyList_Check(pySysPath)) { + pyPath = PyUnicode_FromString(szPath); + if(pyPath) { + PyList_Append(pySysPath, pyPath); + Py_DECREF(pyPath); + } + } +} + BOOL VmmPyPlugin_PythonInitializeEmbedded(_In_ VMM_HANDLE H, _In_ HMODULE hDllPython, _In_ HMODULE hDllModule) { DWORD i; PyObject *pyName = NULL, *pyModule = NULL; - CHAR szPathBaseExe[MAX_PATH] = { 0 }, szImportBase[MAX_PATH] = { 0 } , szImportLibs[MAX_PATH] = { 0 }; + CHAR szPathBaseExe[MAX_PATH] = { 0 }, szImportLibs[MAX_PATH] = { 0 }; // 1: Allocate context (if required) and fetch verbosity settings if(!ctxPY2C && !(ctxPY2C = LocalAlloc(LMEM_ZEROINIT, sizeof(PY2C_CONTEXT)))) { return FALSE; @@ -488,21 +501,18 @@ BOOL VmmPyPlugin_PythonInitializeEmbedded(_In_ VMM_HANDLE H, _In_ HMODULE hDllPy VmmPyPlugin_UpdateVerbosity(); // 2: Construct Python Path Util_GetPathDllA(szPathBaseExe, NULL); - // 2.1: .exe location of this process - strcat_s(szImportBase, MAX_PATH, PYTHON_IMPORT_PRE); - strcat_s(szImportBase, MAX_PATH, szPathBaseExe); - strcat_s(szImportBase, MAX_PATH, PYTHON_IMPORT_POST); - // 2.2: plugins relative to this process - strcat_s(szImportLibs, MAX_PATH, PYTHON_IMPORT_PRE); + // 2.1: plugins relative to this process strcat_s(szImportLibs, MAX_PATH, szPathBaseExe); strcat_s(szImportLibs, MAX_PATH, "pylib/"); - strcat_s(szImportLibs, MAX_PATH, PYTHON_IMPORT_POST); // 3: Initialize (Embedded) Python. - Py_SetProgramName(L"VmmPyPluginManager"); - Py_Initialize(); - PyEval_InitThreads(); - PyRun_SimpleString(szImportBase); - PyRun_SimpleString(szImportLibs); +#if PY_VERSION_HEX <= 0x030A0000 + Py_SetProgramName(L"VmmPyPluginManager"); +#endif +#if PY_VERSION_HEX <= 0x03060000 + PyEval_InitThreads(); // Required for Python 3.6 +#endif + Util_PyAddSysPath(szPathBaseExe); + Util_PyAddSysPath(szImportLibs); // 4: Import VmmPyPlugin library/file to start the python part of the plugin manager. pyName = PyUnicode_DecodeFSDefault("vmmpyplugin"); if(!pyName) { goto fail; } diff --git a/vmmrust/leechcore_example/Cargo.toml b/vmmrust/leechcore_example/Cargo.toml index 1f0d685..990f252 100644 --- a/vmmrust/leechcore_example/Cargo.toml +++ b/vmmrust/leechcore_example/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "leechcore_example" -version = "5.14.5" +version = "5.14.6" edition = "2021" publish = false diff --git a/vmmrust/m_example_plugin/Cargo.toml b/vmmrust/m_example_plugin/Cargo.toml index d5010e5..92a4625 100644 --- a/vmmrust/m_example_plugin/Cargo.toml +++ b/vmmrust/m_example_plugin/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "m_example_plugin" -version = "5.14.5" +version = "5.14.6" edition = "2021" publish = false diff --git a/vmmrust/memprocfs/Cargo.toml b/vmmrust/memprocfs/Cargo.toml index 16309ff..3e84207 100644 --- a/vmmrust/memprocfs/Cargo.toml +++ b/vmmrust/memprocfs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "memprocfs" -version = "5.14.5" +version = "5.14.6" edition = "2021" description = "MemProcFS - Physical Memory Analysis Framework" documentation = "https://docs.rs/memprocfs" diff --git a/vmmrust/memprocfs_example/Cargo.toml b/vmmrust/memprocfs_example/Cargo.toml index 4b148fc..fb10898 100644 --- a/vmmrust/memprocfs_example/Cargo.toml +++ b/vmmrust/memprocfs_example/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "memprocfs_example" -version = "5.14.5" +version = "5.14.6" edition = "2021" publish = false diff --git a/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs b/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs index eaba317..cec5222 100644 --- a/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs +++ b/vmmsharp/vmmsharp/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ using System.Runtime.Versioning; // You can specify all the values or you can default the Build and Revision Numbers // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("5.14.5.195")] -[assembly: AssemblyFileVersion("5.14.5.195")] +[assembly: AssemblyVersion("5.14.6.196")] +[assembly: AssemblyFileVersion("5.14.6.196")] diff --git a/vmmsharp/vmmsharp/vmmsharp.csproj b/vmmsharp/vmmsharp/vmmsharp.csproj index f9cd2d2..35c7e95 100644 --- a/vmmsharp/vmmsharp/vmmsharp.csproj +++ b/vmmsharp/vmmsharp/vmmsharp.csproj @@ -109,7 +109,7 @@ - 5.14.5 + 5.14.6 https://github.com/ufrisk/MemProcFS git LICENSE