bytecode

package

v1.0.5 Latest Latest Go to latest Published: Jan 17, 2025 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tencent/goom

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package bytecode 是内存字节码层面操作的工具集

Index ¶

Constants
Variables
func DecodeAddress(bytes []byte, len int) int
func DecodeRelativeAddr(ins *x86asm.Inst, block []byte, offset int) int
func EncodeAddress(ops []byte, addr []byte, addrLen int, val int, add int) []byte
func GetFuncSize(mode int, start uintptr, minimal bool) (length int, err error)
func GetInnerFunc(mode int, start uintptr) (uintptr, error)
func GetPtr(v reflect.Value) unsafe.Pointer
func GetTrampolinePtr(trampoline interface{}) (uintptr, error)
func IsValidPtr(value interface{}) bool
func MinSize(showSize int, fixOrigin []byte) int
func ParseIns(pos int, copyOrigin []byte) (*x86asm.Inst, []byte, error)
func PrintInst(name string, from uintptr, size int, level int)
func PrintInstf(title string, from uintptr, copyOrigin []byte, level int)
type ByteOrder

Constants ¶

View Source

const (
	// PrintShort 默认打印的指令数量(短)
	PrintShort = 20
	// PrintMiddle 默认打印的指令数量(中)
	PrintMiddle = 30
	// PrintLong 默认打印的指令数量(长)
	PrintLong = 35
)

调试日志相关

View Source

const CallInsName = "CALL"

CallInsName call 指令名称

Variables ¶

View Source

var LittleEndian littleEndian

LittleEndian is the little-endian implementation of ByteOrder.

Functions ¶

func DecodeAddress ¶

func DecodeAddress(bytes []byte, len int) int

DecodeAddress 从函数字节码中解析地址数值 len 地址值的位数

func DecodeRelativeAddr ¶

func DecodeRelativeAddr(ins *x86asm.Inst, block []byte, offset int) int

DecodeRelativeAddr decode relative address, if jump to the front of current pos, return negative values

func EncodeAddress ¶

func EncodeAddress(ops []byte, addr []byte, addrLen int, val int, add int) []byte

EncodeAddress 写入地址参数到函数字节码 len 地址值的位数 val 地址值 add 偏移量, 可为负数

func GetFuncSize ¶

func GetFuncSize(mode int, start uintptr, minimal bool) (length int, err error)

GetFuncSize get func binary size not absolutely safe

func GetInnerFunc ¶

func GetInnerFunc(mode int, start uintptr) (uintptr, error)

GetInnerFunc Get the first real func location from wrapper not absolutely safe

func GetPtr ¶

func GetPtr(v reflect.Value) unsafe.Pointer

GetPtr 获取函数的调用地址(和函数的指令地址不一样)

func GetTrampolinePtr ¶

func GetTrampolinePtr(trampoline interface{}) (uintptr, error)

GetTrampolinePtr 获取跳板函数的地址

func IsValidPtr ¶

func IsValidPtr(value interface{}) bool

IsValidPtr 判断函数 value 是否为指针类型

func MinSize ¶

func MinSize(showSize int, fixOrigin []byte) int

MinSize 最小 size，不超出 fixOrigin 长度的 size 大小

func ParseIns ¶

func ParseIns(pos int, copyOrigin []byte) (*x86asm.Inst, []byte, error)

ParseIns parse instruction

func PrintInst ¶

func PrintInst(name string, from uintptr, size int, level int)

PrintInst PrintInst 调试内存指令替换,对原指令、替换之后的指令进行输出对比

func PrintInstf ¶

func PrintInstf(title string, from uintptr, copyOrigin []byte, level int)

PrintInstf 调试内存指令替换,对原指令、替换之后的指令进行输出对比

Types ¶

type ByteOrder ¶

type ByteOrder interface {
	Uint16([]byte) uint16
	Uint32([]byte) uint32
	Uint64([]byte) uint64
	PutUint16([]byte, uint16)
	PutUint32([]byte, uint32)
	PutUint64([]byte, uint64)
	String() string
}

ByteOrder A ByteOrder specifies how to convert byte sequences into 16-, 32-, or 64-bit unsigned integers.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
memory Package memory 包负责内存读写控制	Package memory 包负责内存读写控制
stub Package stub 负责管理桩函数内存管理	Package stub 负责管理桩函数内存管理

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL