Removed excessive logging in pydbg and implement attach failure handling

MacOSX/README

@@ -16,6 +16,9 @@ This is an updated version of PyDbg for OS X that supports 64 bits targets.
 It still does not support all features available in the Windows version but it can already be
 used for scripted debugging of 32 and 64bits OS X targets.
 
+One special feature that I have added is the possibility to install hardware breakpoints per thread
+and have breakpoint handlers for each thread.
+
 It supports the libdasm disassembler library and also distorm3. I have uploaded the libdasm version
 that I use into the github repo with a small fix to multi-byte nops.
 
@@ -30,6 +33,8 @@ flag so kernel needs to be patched. I need to verify in what state I left this,
 Many thanks go to the company that indirectly sponsored this update :-) !
 
 Tested with Python 2.6.x and 2.7.x.
+You need to use the python version correspondent to your target, python-32 for 32bits, and 
+python-64 for 64bits. Macdll by default compiles to a fat binary :-)
 
 From the old instructions, what you need is the pydasm install and python procmod permissions.
 You also need to compile the macdll and copy it to pydbg folder.

MacOSX/macdll/Exception.c

@@ -111,7 +111,6 @@ extern kern_return_t catch_mach_exception_raise(
 
 #if __LP64__
 		// determine if single step
-//		printf("RFLAGS: %lx %x\n", state.__rflags, code[0]);
 		if(state.__rflags & EFLAGS_TRAP || code[0] == EXC_I386_SGL)
 		{   // the code[0] is if its a hardware breakpoint.  Windows expects those to be reported as a single step event
 			exception_code = EXCEPTION_SINGLE_STEP;
@@ -127,7 +126,6 @@ extern kern_return_t catch_mach_exception_raise(
 
 #else
 		// determine if single step
-//		printf("EFLAGS: %x %x\n", state.eflags, code[0]);
 		if(state.eflags & EFLAGS_TRAP || code[0] == EXC_I386_SGL)
 		{   // the code[0] is if its a hardware breakpoint.  Windows expects those to be reported as a single step event
 			exception_code = EXCEPTION_SINGLE_STEP;
@@ -141,7 +139,6 @@ extern kern_return_t catch_mach_exception_raise(
         thread_get_state(thread, flavor, (thread_state_t)&exc_state, &count);
 		exception_ref = exc_state.faultvaddr;
 #endif
-		//fprintf(stderr, "Hit breakpoint at %x\n", exception_at);
         result = KERN_SUCCESS;
     }
     // FAULTS

MacOSX/macdll/MacDll.c

@@ -118,6 +118,10 @@ BOOL StartProcess(DWORD dwProcessId)
 
 }
 
+/*
+ * success != 0
+ * failure = 0
+ */
 EXPORT
 BOOL DebugActiveProcess(DWORD dwProcessId)
 {
@@ -456,6 +460,9 @@ BOOL SetThreadContext(HANDLE hThread, const CONTEXT* lpContext)
 	return 1;
 }
 
+/*
+ * non-zero return is success
+ */
 EXPORT
 BOOL CreateProcessA(LPCTSTR lpApplicationName, 
                     LPTSTR lpCommandLine, 
@@ -563,7 +570,14 @@ BOOL CreateProcessA(LPCTSTR lpApplicationName,
     }
     // parent
     // initialize the mach port into the debugee
-    DebugActiveProcess(target_pid);
+    retval = DebugActiveProcess(target_pid);
+    // failed to attach
+    if (retval == 0)
+    {
+        kill(target_pid, SIGCONT); // leave no zombies behind!
+        kill(target_pid, SIGKILL);
+        return 0;
+    }
     // suspend all threads
     suspend_all_threads(target_pid);
     // and now we can continue the process, threads are still suspended!

MacOSX/macdll/implementation.c

@@ -55,6 +55,9 @@ attach(pid_t pid, mach_port_t *exceptionport)
     getport(pid);   // make sure port gets set
 
     *exceptionport = install_debug_port(pid);
+    // failure
+    if (*exceptionport == 0) return 0;
+    // success
     return 1;
 }
 
@@ -217,13 +220,7 @@ read_memory(int pid, mach_vm_address_t addr, mach_vm_size_t len, char *data)
     mach_vm_size_t nread ;
     vm_map_t port = getport(pid);
 
-    /*		mach_msg_type_number_t local_size = vm_page_size;
-     vm_offset_t localaddress;
-     vm_read(port, (mach_vm_address_t) addr, (mach_vm_size_t) len, &localaddress, &local_size);
-     printf("Address:%lx Data:%x\n", addr, *(unsigned char*)localaddress);
-     */	
     mach_vm_read_overwrite(port, addr, len, (mach_vm_address_t)data, &nread);
-    //        vm_read(port, (mach_vm_address_t) addr, (mach_vm_size_t) len, (vm_offset_t *) data, &nread);
     if(nread != len){
         //fprintf(stderr, "Error reading memory, requested %d bytes, read %d\n", len, nread);
         //                return 0;  // bad
@@ -311,11 +308,9 @@ suspend_all_threads(pid_t target_pid)
 
     if (thread_count > 0)
     {
-//        printf("[DEBUG] Found %d threads\n", thread_count);
         i = thread_count;
         while (i--)
         {
-//            printf("[%d] %d\n", i, thread_list[i]);
             suspend_thread(thread_list[i]);
         }
     }

pydbg/pydbg.py

@@ -150,8 +150,8 @@ def __init__ (self, ff=True, cs=False):
         self.op3                      = None      # pydasm decoded 3rd operand, propagated by self.disasm()
 
         # control debug/error logging.
-        self._info = lambda msg: sys.stderr.write("[INFO-pydbg] " + msg + "\n")
-        self._log = lambda msg: sys.stderr.write("[!LOG-pydbg] " + msg + "\n")
+        self._info = lambda msg: None #sys.stderr.write("[INFO-pydbg] " + msg + "\n")
+        self._log = lambda msg: None # sys.stderr.write("[!LOG-pydbg] " + msg + "\n")
         self._warning = lambda msg: None #sys.stderr.write("[!WARNING-pydbg] " + msg + "\n")
         self._err = lambda msg: sys.stderr.write("[ERROR-pydbg] " + msg + "\n")
 
@@ -2614,7 +2614,7 @@ def exception_handler_single_step (self):
 
             # macos compatability.
             # need to clear TRAP flag for MacOS. this doesn't hurt Windows aside from a negligible speed hit.
-            print "Clearing TRAP Flag"
+            #print "Clearing TRAP Flag"
             context = self.get_thread_context(self.h_thread)
             # FIXME 64bits
             if self.is64bits: