thread_context.rb in tduehr-ragweed-0.1.7.1

- old
+ new

@@ -79,26 +79,26 @@
   def to_s
     FIELDS.map {|f| send(f[0])}.pack(FIELDS.map {|x| x[1]}.join(""))
   end
 
   def self.get(h)
-    self.new(Wrap32::get_thread_context_raw(h))
+    self.new(Ragweed::Wrap32::get_thread_context_raw(h))
   end
 
   def get(h)
-    refresh(Wrap32::get_thread_context_raw(h))
+    refresh(Ragweed::Wrap32::get_thread_context_raw(h))
   end
 
   def set(h)
-    Wrap32::set_thread_context_raw(h, self.to_s)
+    Ragweed::Wrap32::set_thread_context_raw(h, self.to_s)
   end
 
   def inspect
     body = lambda do
       FIELDS.map do |f|
         val = send(f[0])
-        "#{f[0]}=#{val.to_s(16) rescue val.to_s}"
+        "#{f[0]}=#{val.to_s(16) rescue val.to_s.hexify}"
       end.join(", ")
     end
     "#<ThreadContext #{body.call}>"
   end
 
@@ -117,27 +117,27 @@
     EDX: #{self.edx.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.edx)}
     EDI: #{self.edi.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.edi)}
     ESI: #{self.esi.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.esi)}
     EBP: #{self.ebp.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.ebp)}
     ESP: #{self.esp.to_s(16).rjust(8, "0")} #{maybe_hex.call(self.esp)}
-    EFL: #{self.eflags.to_s(2).rjust(32, "0")} #{Wrap32::EFlags.flag_dump(self.eflags)}
+    EFL: #{self.eflags.to_s(2).rjust(32, "0")} #{Ragweed::Wrap32::EFlags.flag_dump(self.eflags)}
 EOM
   end
 
   def single_step(v=true)
     if v
-      @eflags |= Wrap32::EFlags::TRAP
+      @eflags |= Ragweed::Wrap32::EFlags::TRAP
     else
-      @eflags &= ~(Wrap32::EFlags::TRAP)
+      @eflags &= ~(Ragweed::Wrap32::EFlags::TRAP)
     end
   end
 end
 
 module Ragweed::Wrap32
   class << self
     def get_thread_context_raw(h)
-      ctx = [Wrap32::ContextFlags::DEBUG,0,0,0,0,0,0,"\x00"*112,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"\x00"*1024].pack("LLLLLLLa112LLLLLLLLLLLLLLLLa1024")
+      ctx = [Ragweed::Wrap32::ContextFlags::DEBUG,0,0,0,0,0,0,"\x00"*112,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"\x00"*1024].pack("LLLLLLLa112LLLLLLLLLLLLLLLLa1024")
       ret = CALLS["kernel32!GetThreadContext:LP=L"].call(h, ctx)
       if ret != 0
         return ctx
       else
         raise WinX.new(:get_thread_context)
@@ -192,10 +192,10 @@
     # Retrieve the running context of a thread given its handle, returning a 
     # struct that mostly contains register values. Note that this will suspend
     # and then resume the thread. Useful (among many other things) to sample
     # EIP values to see what the code is doing.
     def get_thread_context(h)
-      ctx = [Wrap32::ContextFlags::DEBUG,0,0,0,0,0,0,"\x00"*112,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"\x00"*1024].pack("LLLLLLLa112LLLLLLLLLLLLLLLLa1024")
+      ctx = [Ragweed::Wrap32::ContextFlags::DEBUG,0,0,0,0,0,0,"\x00"*112,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"\x00"*1024].pack("LLLLLLLa112LLLLLLLLLLLLLLLLa1024")
       suspend_thread(h)
       ret = CALLS["kernel32!GetThreadContext:LP=L"].call(h, ctx)
       resume_thread(h)
       if ret != 0
         return str2context(ctx)