15 return (obj && obj->
kv) ? obj->
kv :
NULL;
45 rbin->cb_printf(
"\nBITMAP_DUMP:\n");
50 rbin->cb_printf(
"\nTRIAGE_DUMP64:\n");
92 #define FIELD(header, field) FIELD_COMMENT(header, field, NULL)
172 ret->
os =
rz_str_newf(
"Windows NT Server Domain Controller %d.%d",
199 rz_list_foreach (obj->
pages, it, page) {
213 rz_list_foreach (obj->
datablocks, it, datablock) {
238 rz_list_foreach (obj->
drivers, it, driver) {
278 .desc =
"Windows Crash Dump x64 rz_bin plugin",
294 #ifndef RZ_PLUGIN_INCORE
RZ_API RZ_OWN RzList * rz_bin_file_strings(RZ_NONNULL RzBinFile *bf, size_t min_length, bool raw_strings)
Generates a RzList struct containing RzBinString from a given RzBinFile.
RZ_API void rz_bin_map_free(RzBinMap *map)
RZ_API void rz_bin_field_free(RzBinField *field)
RZ_API RzBinField * rz_bin_field_new(ut64 paddr, ut64 vaddr, int size, const char *name, const char *comment, const char *format, bool format_named)
static Sdb * get_sdb(RzBinFile *bf)
#define FIELD(header, field)
static bool load_buffer(RzBinFile *bf, RzBinObject *obj, RzBuffer *buf, Sdb *sdb)
static RzList * libs(RzBinFile *bf)
static void header(RzBinFile *bf)
static RzList * strings(RzBinFile *bf)
static RzList * fields(RzBinFile *bf)
static void destroy(RzBinFile *bf)
RZ_API RzLibStruct rizin_plugin
static bool check_buffer(RzBuffer *b)
static RzBinInfo * info(RzBinFile *bf)
#define FIELD_COMMENT(header, field, comment)
static char * regstate(RzBinFile *bf)
static RzList * maps(RzBinFile *bf)
RzBinPlugin rz_bin_plugin_dmp64
static int file_type(RzBinFile *bf)
struct rz_bin_dmp64_obj_t * rz_bin_dmp64_new_buf(RzBuffer *buf)
const char * rz_bin_dmp64_bugcheckcode_as_str(ut32 BugCheckCode)
void rz_bin_dmp64_free(struct rz_bin_dmp64_obj_t *obj)
size_t map(int syms, int left, int len)
RZ_API void Ht_() free(HtName_(Ht) *ht)
RZ_API RZ_OWN RzList * rz_list_newf(RzListFree f)
Returns a new initialized RzList pointer and sets the free method.
RZ_API RZ_BORROW RzListIter * rz_list_append(RZ_NONNULL RzList *list, void *data)
Appends at the end of the list a new element.
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
#define MDMP_VER_NT_WORKSTATION
#define MDMP_VER_NT_SERVER
#define MDMP_VER_NT_DOMAIN_CONTROLLER
RZ_API int sdb_ns_set(Sdb *s, const char *name, Sdb *r)
#define rz_return_val_if_fail(expr, val)
RZ_API st64 rz_buf_read_at(RZ_NONNULL RzBuffer *b, ut64 addr, RZ_NONNULL RZ_OUT ut8 *buf, ut64 len)
Read len bytes of the buffer at the specified address.
static ut32 rz_read_le32(const void *src)
static ut64 rz_read_le64(const void *src)
RZ_API char * rz_hex_bin2strdup(const ut8 *in, int len)
void(* RzListFree)(void *ptr)
RZ_API char * rz_str_newf(const char *fmt,...) RZ_PRINTF_CHECK(1
#define rz_offsetof(type, member)
union dmp64_triage::@133 ArchitectureSpecific
struct dmp64_triage::@133::@134 Ia64
ut32 UnloadedDriversOffset
dmp_bmp_header * bmp_header
dmp64_triage * triage64_header
XX curplugin == o->plugin.
Description of a single memory mapping into virtual memory from a binary.
if(dbg->bits==RZ_SYS_BITS_64)
1.9.1