-
-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DbgValFromString&DbgEval #2223
Comments
Hi, can't you just use |
if my memory serves me, this command displays the search result in the ref window. This is not convenient. To search for va / rva pointers, I wrote my command and everything was in order. With the transition to a fresh OS (vin10.1809) in place of the arguments, I get a line with the command and variables. |
Can you post your whole code so I can take a look?
…On Sun, 13 Oct 2019 at 05:36, Paliha ***@***.***> wrote:
if my memory serves me, this command displays the search result in the ref
window. This is not convenient. To search for va / rva pointers, I wrote my
command and everything was in order. With the transition to a fresh OS
(vin10.1809) in place of the arguments, I get a line with the command and
variables.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#2223?email_source=notifications&email_token=AASYFGMHZCDQYSBSXIUY5NLQOKJT3A5CNFSM4I62U5KKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBCNPRA#issuecomment-541382596>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AASYFGIRYH5XXN47XSVB7SDQOKJT3ANCNFSM4I62U5KA>
.
|
It might help to try
And see what is the output. |
updated sdk, added to method: |
I have no idea what the issue was. The code you sent earlier looked fine 🤷♂ but glad you fixed it :) Feel free to close the issue if it’s solved. |
Hi!
What method can I get data from a variable in a script?
Example from the script:
FindPointer mytable, pattern, 4
The method that I use:
bool cbFunctionFindPointer(int argc, char* argv[3])
{
char buffer[MAX_MNEMONIC_SIZE];
bool success;
duint index = DbgEval(argv[1], &success);
duint Size = Memory::GetSize(DbgValFromString(argv[1]), false, true);
.....
}
Unfortunately, there are no data in the variables. As a result, the functions (DbgValFromString&DbgEval) simply convert the variable name to unsigned __int64:
0x0000020db33b9720 {0x0000020db33b72f0 "FindPointer mytable, pattern, 4"}
index = 5557833728 //unsigned __int64
Size = 1077248 //unsigned __int64
The text was updated successfully, but these errors were encountered: