moyix / pdbparse

Python code to parse Microsoft PDB files

DOS Header magic not found #59

Open programminglaboratorys opened 11 months ago

programminglaboratorys commented 11 months ago

Info:

C:\Users\ACER\Desktop\myproject\counter>python -V
Python 3.10.11

C:\Users\ACER\Desktop\myproject\counter>python -m pip show pdbparse
Name: pdbparse
Version: 1.5
Summary: Python parser for Microsoft PDB files
Home-page: https://github.com/moyix/pdbparse/
Author: Brendan Dolan-Gavitt
Author-email: brendandg@gatech.edu
License:
Location: c:\users\acer\appdata\roaming\python\python310\site-packages
Requires: construct, construct, pefile
Required-by:

C:\Users\ACER\Desktop\myproject\counter>cl
Microsoft (R) C/C++ Optimizing Compiler Version 19.29.30152 for x86
Copyright (C) Microsoft Corporation.  All rights reserved.

python code:

#!/usr/bin/python
# coding: utf-8

import os
import sys
import pdbparse
from pdbparse.peinfo import *
from binascii import hexlify

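def main(pepath):
    """Print the DBI module listing of the PDB that matches a PE file.

    Args:
        pepath: Path to the PE file. Its CodeView debug record supplies the
            GUID string and the PDB file name; the PDB is then looked up in
            the same directory as the PE file.

    Exits the process with status -1 when the GUID/Age string rebuilt from
    the PDB differs from the one recorded in the PE.
    """
    # Local import: only needed to normalise the PDB name embedded in the PE.
    import ntpath

    # Extract debug infos from PE.
    guid, pdb_filename = get_external_codeview(pepath)
    print("PE debug infos : %s, %s" % (pdb_filename, guid))

    # Extract corresponding PDB.
    # The PDB name is read out of the PE, so treat it as untrusted: keep only
    # its final component. Otherwise an absolute or "..\\"-style name would make
    # os.path.join() resolve outside the PE's directory.
    # NOTE(review): the helper may already return a bare file name - confirm.
    pdbpath = os.path.join(os.path.dirname(pepath), ntpath.basename(pdb_filename))
    p = pdbparse.parse(pdbpath, fast_load = True)
    pdb = p.streams[pdbparse.PDB_STREAM_PDB]
    pdb.load()

    # Rebuild the GUID+Age string in the same layout as the PE-side value.
    # Use the imported hexlify directly: the file imports it with
    # "from binascii import hexlify", so the name "binascii" itself is not
    # bound and "binascii.hexlify" raised NameError here.
    guidstr = (u'%08x%04x%04x%s%x' % (pdb.GUID.Data1, pdb.GUID.Data2, pdb.GUID.Data3, hexlify(
        pdb.GUID.Data4).decode('ascii'), pdb.Age)).upper()
    print("PDB Guid : %s" % (guidstr))

    # Refuse to report symbols from a PDB that does not belong to this PE.
    if guid != guidstr:
        print(u'pdb not for this exe')
        sys.exit(-1)

    dbi = p.streams[pdbparse.PDB_STREAM_DBI]
    dbi.load()

    # dbi.modules and dbi.DBIExHeaders are indexed in parallel: entry i of the
    # former holds the items listed for the module named by entry i of the latter.
    for (i, fns) in enumerate(dbi.modules):
        module_name = dbi.DBIExHeaders[i].objName.decode('ascii')
        print("[%d] DBI Module : %s" % (i, module_name))
        for fn in fns:
            print(u'\t%s' % fn)
        print(u'-')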

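if __name__ == u'__main__':
    # main() reads the CodeView record from a PE file, so the argument must be
    # the path of the PE file itself, not of the .pdb next to it.
    if len(sys.argv) < 2:
        # Fail with a usage line instead of an IndexError traceback.
        sys.stderr.write("usage: %s <path-to-PE-file>\n" % sys.argv[0])
        sys.exit(2)
    pepath = sys.argv[1]
    print(pepath)
    main(pepath)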

I used cl.exe /Zi /Fd "counter.pdb" "counter.cpp" to build the C++ PDB from this code:

// C++ Program to demonstrate
#include <iostream>
using namespace std;
// Global running total; add() accumulates into it and returns it.
int main_num = 0;

// Adds num to the global main_num and returns the updated total.
// NOTE(review): main_num is a signed int, so a caller that keeps adding
// without bound will eventually overflow it (undefined behaviour).
int add(int num) {
    return main_num += num;
}

int main()
{
    // Amount added to the counter on every iteration.
    const int step = 1;

    // The loop has no exit condition, so the return below is never reached.
    // "\r" moves the cursor back to the start of the line after each value.
    for (;;) {
        printf("%d\r", add(step));
    }
    return 0;
}