如何转义 Python 相关库中的星号?
How to escape an asterisk in a Python related library?
我正在使用 PYKD,一个用于为 Windbg 编写 Python 脚本的库。
其中一个函数 typedVar 在处理包含星号的类型名称时似乎不起作用:
(在 Windbg 会话中):
.load pykd.pyd // Load PYKD library
!py // enter an interactive Python session
>>> print typedVar('CMap<unsigned long,unsigned long,int,int>', 0x02d729dc).m_nCount
Int4B at 0x2d729e8 Value: 0x4 (4)
=> ok!
>>> print typedVar('CMap<int,int,ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > > >', 0x02ca2568).m_nCount
Int4B at 0x2ca2574 Value: 0x7 (7)
=> ok!
>>> print typedVar('CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
Traceback (most recent call last):
File "<console>", line 1, in <module>
TypeException: CMap<int,int,void *,void *> : invalid type name
=> NOK (most probably because of the asterisk)
我相信这是由星号引起的,被解释为通配符,所以我想使用转义字符,以便将星号用作 "normal" 字符,但这似乎不是就这么简单:
使用反斜杠:
>>> print typedVar('CMap<int,int,void \*,void \*>', 0x0054ac10).m_nCount
Traceback (most recent call last):
File "<console>", line 1, in <module>
TypeException: CMap<int,int,void \*,void \*> : invalid type name
加倍星号:
>>> print typedVar('CMap<int,int,void **,void **>', 0x0054ac10).m_nCount
Traceback (most recent call last):
File "<console>", line 1, in <module>
TypeException: CMap<int,int,void **,void **> : invalid type name
有人知道 Python 中正则表达式的转义字符吗(如果它不是反斜杠或双字符)?
提前致谢
哦,在我忘记之前:提到的类型存在于应用程序的符号中,正如您在此处看到的那样:
for tp in app.enumTypes("*CMap<*"):
print tp
...
CMap<int,int,void *,void *>
...
在第一条评论和回复后编辑
这些是我使用的命令(使用 r 和 u):
>>> print typedVar(r'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(u'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(rr'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(r'''CMap<int,int,void *,void *>''', 0x0054ac10).m_nCount
>>> print typedVar(r''CMap<int,int,void *,void *>'', 0x0054ac10).m_nCount
>>> print typedVar(ru'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(ru'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
进一步使用最新的 PYKD 库后编辑
不幸的是,仍然存在一个问题,您可以从以下摘录中看出:
0:000> .load pykd.pyd
0:000> .chain
Extension DLL search Path:
...
Extension DLL chain:
pykd.pyd: image 0.3.4.2, API 1.0.0, built Sat Nov 17 13:06:54 2018
[path: C:\Program Files (x86)\Windows Kits\Debuggers\x86\winext\pykd.pyd]
...
0:000> !py
>>> dprintln("%d" % typedVar('Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>', 0x064ad440).m_nCount)
2
=> An asterisk in the type name can sometimes be handled
>>> dprintln("%d" % typedVar('Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>', 0x064ad328).m_nCount)
Traceback (most recent call last):
File "<console>", line 1, in <module>
AttributeError: typed var has no field 'm_nCount'
=> But sometimes there still are issues.
The error message clearly shows that the typename is known.
这可能是什么问题?我可以做些什么来添加更详细的调试信息吗?
根据 ussrhero 的新提议进行编辑
typeInfo 似乎是空的:
>>> print(typeInfo('Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>'))
class/struct : CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *> Size: 0x0 (0)
这里再放一个CMap相关的typeInfo供参考:
>>> print(typeInfo('Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>'))
class/struct : CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int> Size: 0x1c (28)
+0000 __VFN_table : VTable*
=0000000000 classCObject : CRuntimeClass
+0004 m_pHashTable : CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc**
+0008 m_nHashTableSize : UInt4B
+000c m_nCount : Int4B
+0010 m_pFreeList : CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc*
+0014 m_pBlocks : CPlex*
+0018 m_nBlockSize : Int4B
这里是一个不存在的class的typeInfo(也是为了参考):
>>> print(typeInfo('Application!NonExisting_Class'))
Traceback (most recent call last):
File "<console>", line 1, in <module>
SymbolException: 'NonExisting_Class' - symbol not found
=> 所以 class 给出的问题是已知的,但显然无法处理。
在 ussrhero 上次更新后编辑:
dt 和 dx 似乎提到其他 CMap 一切正常:
0:000> dt 0x064ad440 CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>
Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>
+0x000 __VFN_table : 0x01503444
+0x004 m_pHashTable : 0x06ab9ad0 -> (null)
+0x008 m_nHashTableSize : 0x186ab
+0x00c m_nCount : 0n2
+0x010 m_pFreeList : 0x063c953c CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc
+0x014 m_pBlocks : 0x063c9518 CPlex
+0x018 m_nBlockSize : 0n10
0:000> dt 0x064ad440 CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int> m_nCount
Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>
+0x00c m_nCount : 0n2
0:000> dx (CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>*) 0x064ad440
(CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>*) 0x064ad440 : 0x64ad440 [Type: CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int> *]
[+0x004] m_pHashTable : 0x6ab9ad0 [Type: CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc * *]
[+0x008] m_nHashTableSize : 0x186ab [Type: unsigned int]
[+0x00c] m_nCount : 2 [Type: int]
[+0x010] m_pFreeList : 0x63c953c [Type: CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc *]
[+0x014] m_pBlocks : 0x63c9518 [Type: CPlex *]
[+0x018] m_nBlockSize : 10 [Type: int]
dt 和 dx 似乎提到该特定 CMap 存在问题:
0:000> dt 0x064ad328 CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>
Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>
0:000> dt 0x064ad328 CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *> m_nCount
Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>
0:000> dx (CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>*) 0x064ad328
Error: Unable to find type 'CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *> *' for cast.
不过符号好像没有问题:
0:000> x /2 Application!CMap<*vftable*
...
0152e944 Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>::`vftable'
...
01503444 Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::`vftable'
显然我们正在处理 Windbg 问题。我们如何确定这是一个已知的 Windbg 问题还是一个新问题?这些问题在哪里收集? (为了您的信息,我正在使用 Windbg 10.0.16299.15 X86 for Windows 10,版本 1803(OS Build 17134.345),但 Windbg Preview 似乎也有这个错误。
无法发表评论,但您可以尝试此处解释的 r'string'
What exactly do "u" and "r" string flags do, and what are raw string literals?
或者如果可以的话,将指针换成任何无符号的 64 位数据类型。
typedVar 不插入类型名称。您必须使用与符号信息中包含的类型名称相同的类型名称。
尝试用dt命令查找:
dt CMap*
或者使用 pykd:
print( "\n".join( module('ModuleName').enumTypes('CMap*') )
我相信它看起来像 'CMap<int,int,void*,void*>'(没有任何 space)
这是一个 pykd 错误:
https://githomelab.ru/pykd/pykd/issues/33
下个版本会修复
尝试打印类型信息:
>>>print( typeInfo('Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION,_RTL_CRITICAL_SECTION *>') )
我正在使用 PYKD,一个用于为 Windbg 编写 Python 脚本的库。
其中一个函数 typedVar 在处理包含星号的类型名称时似乎不起作用:
(在 Windbg 会话中):
.load pykd.pyd // Load PYKD library
!py // enter an interactive Python session
>>> print typedVar('CMap<unsigned long,unsigned long,int,int>', 0x02d729dc).m_nCount
Int4B at 0x2d729e8 Value: 0x4 (4)
=> ok!
>>> print typedVar('CMap<int,int,ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > > >', 0x02ca2568).m_nCount
Int4B at 0x2ca2574 Value: 0x7 (7)
=> ok!
>>> print typedVar('CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
Traceback (most recent call last):
File "<console>", line 1, in <module>
TypeException: CMap<int,int,void *,void *> : invalid type name
=> NOK (most probably because of the asterisk)
我相信这是由星号引起的,被解释为通配符,所以我想使用转义字符,以便将星号用作 "normal" 字符,但这似乎不是就这么简单:
使用反斜杠:
>>> print typedVar('CMap<int,int,void \*,void \*>', 0x0054ac10).m_nCount
Traceback (most recent call last):
File "<console>", line 1, in <module>
TypeException: CMap<int,int,void \*,void \*> : invalid type name
加倍星号:
>>> print typedVar('CMap<int,int,void **,void **>', 0x0054ac10).m_nCount
Traceback (most recent call last):
File "<console>", line 1, in <module>
TypeException: CMap<int,int,void **,void **> : invalid type name
有人知道 Python 中正则表达式的转义字符吗(如果它不是反斜杠或双字符)?
提前致谢
哦,在我忘记之前:提到的类型存在于应用程序的符号中,正如您在此处看到的那样:
for tp in app.enumTypes("*CMap<*"):
print tp
...
CMap<int,int,void *,void *>
...
在第一条评论和回复后编辑
这些是我使用的命令(使用 r 和 u):
>>> print typedVar(r'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(u'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(rr'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(r'''CMap<int,int,void *,void *>''', 0x0054ac10).m_nCount
>>> print typedVar(r''CMap<int,int,void *,void *>'', 0x0054ac10).m_nCount
>>> print typedVar(ru'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
>>> print typedVar(ru'CMap<int,int,void *,void *>', 0x0054ac10).m_nCount
进一步使用最新的 PYKD 库后编辑
不幸的是,仍然存在一个问题,您可以从以下摘录中看出:
0:000> .load pykd.pyd
0:000> .chain
Extension DLL search Path:
...
Extension DLL chain:
pykd.pyd: image 0.3.4.2, API 1.0.0, built Sat Nov 17 13:06:54 2018
[path: C:\Program Files (x86)\Windows Kits\Debuggers\x86\winext\pykd.pyd]
...
0:000> !py
>>> dprintln("%d" % typedVar('Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>', 0x064ad440).m_nCount)
2
=> An asterisk in the type name can sometimes be handled
>>> dprintln("%d" % typedVar('Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>', 0x064ad328).m_nCount)
Traceback (most recent call last):
File "<console>", line 1, in <module>
AttributeError: typed var has no field 'm_nCount'
=> But sometimes there still are issues.
The error message clearly shows that the typename is known.
这可能是什么问题?我可以做些什么来添加更详细的调试信息吗?
根据 ussrhero 的新提议进行编辑
typeInfo 似乎是空的:
>>> print(typeInfo('Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>'))
class/struct : CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *> Size: 0x0 (0)
这里再放一个CMap相关的typeInfo供参考:
>>> print(typeInfo('Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>'))
class/struct : CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int> Size: 0x1c (28)
+0000 __VFN_table : VTable*
=0000000000 classCObject : CRuntimeClass
+0004 m_pHashTable : CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc**
+0008 m_nHashTableSize : UInt4B
+000c m_nCount : Int4B
+0010 m_pFreeList : CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc*
+0014 m_pBlocks : CPlex*
+0018 m_nBlockSize : Int4B
这里是一个不存在的class的typeInfo(也是为了参考):
>>> print(typeInfo('Application!NonExisting_Class'))
Traceback (most recent call last):
File "<console>", line 1, in <module>
SymbolException: 'NonExisting_Class' - symbol not found
=> 所以 class 给出的问题是已知的,但显然无法处理。
在 ussrhero 上次更新后编辑:
dt 和 dx 似乎提到其他 CMap 一切正常:
0:000> dt 0x064ad440 CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>
Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>
+0x000 __VFN_table : 0x01503444
+0x004 m_pHashTable : 0x06ab9ad0 -> (null)
+0x008 m_nHashTableSize : 0x186ab
+0x00c m_nCount : 0n2
+0x010 m_pFreeList : 0x063c953c CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc
+0x014 m_pBlocks : 0x063c9518 CPlex
+0x018 m_nBlockSize : 0n10
0:000> dt 0x064ad440 CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int> m_nCount
Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>
+0x00c m_nCount : 0n2
0:000> dx (CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>*) 0x064ad440
(CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>*) 0x064ad440 : 0x64ad440 [Type: CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int> *]
[+0x004] m_pHashTable : 0x6ab9ad0 [Type: CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc * *]
[+0x008] m_nHashTableSize : 0x186ab [Type: unsigned int]
[+0x00c] m_nCount : 2 [Type: int]
[+0x010] m_pFreeList : 0x63c953c [Type: CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::CAssoc *]
[+0x014] m_pBlocks : 0x63c9518 [Type: CPlex *]
[+0x018] m_nBlockSize : 10 [Type: int]
dt 和 dx 似乎提到该特定 CMap 存在问题:
0:000> dt 0x064ad328 CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>
Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>
0:000> dt 0x064ad328 CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *> m_nCount
Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>
0:000> dx (CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>*) 0x064ad328
Error: Unable to find type 'CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *> *' for cast.
不过符号好像没有问题:
0:000> x /2 Application!CMap<*vftable*
...
0152e944 Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION *,_RTL_CRITICAL_SECTION *>::`vftable'
...
01503444 Application!CMap<ATL::CStringT<wchar_t,StrTraitMFC_DLL<wchar_t,ATL::ChTraitsCRT<wchar_t> > >,wchar_t const *,unsigned int,unsigned int>::`vftable'
显然我们正在处理 Windbg 问题。我们如何确定这是一个已知的 Windbg 问题还是一个新问题?这些问题在哪里收集? (为了您的信息,我正在使用 Windbg 10.0.16299.15 X86 for Windows 10,版本 1803(OS Build 17134.345),但 Windbg Preview 似乎也有这个错误。
无法发表评论,但您可以尝试此处解释的 r'string'
What exactly do "u" and "r" string flags do, and what are raw string literals?
或者如果可以的话,将指针换成任何无符号的 64 位数据类型。
typedVar 不插入类型名称。您必须使用与符号信息中包含的类型名称相同的类型名称。
尝试用dt命令查找:
dt CMap*
或者使用 pykd:
print( "\n".join( module('ModuleName').enumTypes('CMap*') )
我相信它看起来像 'CMap<int,int,void*,void*>'(没有任何 space)
这是一个 pykd 错误: https://githomelab.ru/pykd/pykd/issues/33
下个版本会修复
尝试打印类型信息:
>>>print( typeInfo('Application!CMap<unsigned int,unsigned int,_RTL_CRITICAL_SECTION,_RTL_CRITICAL_SECTION *>') )