Merge branch 'frida:main' into capstone_remove

Cargo.toml

@@ -13,7 +13,9 @@ members = [
     "examples/gum/debug_symbol",
     "examples/gum/fast_interceptor",
     "examples/gum/linux_no_std",
+    "examples/gum/memory_access_monitor",
     "examples/core/hello",
+    "examples/core/usb_device",
     "examples/core/console_log",
 ]
 # We miss our linux_no_std example from the default members since `cargo check`
@@ -30,6 +32,8 @@ default-members = [
     "examples/gum/hook_instruction",
     "examples/gum/debug_symbol",
     "examples/gum/fast_interceptor",
+    "examples/gum/memory_access_monitor",
     "examples/core/hello",
+    "examples/core/usb_device",
     "examples/core/console_log",
 ]

FRIDA_VERSION

@@ -1 +1 @@
-16.0.19
+16.1.10

examples/core/usb_device/Cargo.toml

@@ -0,0 +1,12 @@
+[package]
+name = "usb_device"
+version = "0.1.0"
+authors = ["Andras Marczell <[email protected]>"]
+edition = "2018"
+license = "wxWindows"
+publish = false
+
+[dependencies]
+frida = { path = "../../../frida" }
+frida-sys = { path = "../../../frida-sys" }
+lazy_static = "1.4"

examples/core/usb_device/src/main.rs

@@ -0,0 +1,21 @@
+use frida::DeviceType;
+
+fn main() {
+    let frida = unsafe { frida::Frida::obtain() };
+    let device_manager = frida::DeviceManager::obtain(&frida);
+
+    // get the first usb device (assuming there is one attached)
+    let device = device_manager.get_device_by_type(DeviceType::USB).unwrap();
+    assert_eq!(device.get_type(), DeviceType::USB);
+    println!(
+        "found {} with type: {}",
+        device.get_name(),
+        device.get_type()
+    );
+
+    // get the device id and use it to obtain a the device by the id
+    let device_id = device.get_id();
+    let device = device_manager.get_device_by_id(device_id).unwrap();
+    assert_eq!(device.get_id(), device_id);
+    println!("found {} with id: {}", device.get_name(), device.get_id());
+}

examples/gum/fast_interceptor/Cargo.toml

@@ -6,7 +6,7 @@ edition = "2018"
 license = "MIT"
 
 [dependencies]
-frida-gum = { path = "../../../frida-gum"}
+frida-gum = { path = "../../../frida-gum" }
 lazy_static = "1.4"
 ctor = "0.1"
 libc = "0.2.126"

examples/gum/memory_access_monitor/Cargo.toml

@@ -0,0 +1,12 @@
+[package]
+name = "monitor-memory-access"
+version = "0.1.0"
+authors = ["Liu Xiangru <[email protected]>"]
+edition = "2021"
+license = "MIT"
+description = "Example of monitoring memory access using Frida's MemoryAccessMonitor API"
+
+[dependencies]
+frida-gum = { path = "../../../frida-gum", features = [
+    "memory-access-monitor",
+] }

examples/gum/memory_access_monitor/src/main.rs

@@ -0,0 +1,37 @@
+use frida_gum::{MemoryAccessMonitor, MemoryRange, NativePointer};
+use std::sync::atomic::AtomicUsize;
+
+static HIT: AtomicUsize = AtomicUsize::new(0);
+const BLK_SIZE: usize = 0x3;
+
+fn main() {
+    let block =
+        unsafe { std::alloc::alloc(std::alloc::Layout::from_size_align_unchecked(BLK_SIZE, 1)) };
+    let range = MemoryRange::new(NativePointer(block as *mut _), BLK_SIZE);
+    let gum = unsafe { frida_gum::Gum::obtain() };
+    let mam = MemoryAccessMonitor::new(
+        &gum,
+        vec![range],
+        frida_gum::PageProtection::Write,
+        true,
+        |_, details| {
+            println!(
+                "[monitor callback] hit: {}, details: {}",
+                HIT.fetch_add(1, std::sync::atomic::Ordering::SeqCst),
+                details
+            );
+        },
+    );
+    if let Ok(()) = mam.enable() {
+        unsafe {
+            for i in 0..BLK_SIZE {
+                println!("writing at block + {:#x}", i);
+                let ptr = block.add(i);
+                std::ptr::write(ptr, 0);
+            }
+        }
+        mam.disable();
+    } else {
+        println!("failed to enable memory access monitor");
+    }
+}

frida-gum-sys/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "frida-gum-sys"
-version = "0.8.1"
-authors = ["Keegan Saunders <[email protected]>"]
+version = "0.8.3"
+authors = ["Keegan Saunders <[email protected]>", "Shmarya Rubenstein <[email protected]>"]
 edition = "2018"
 license = "wxWindows"
 repository = "https://github.com/frida/frida-rust"
@@ -15,7 +15,7 @@ stalker-observer = ["cc"]
 stalker-params = ["cc"]
 
 [build-dependencies]
-bindgen = "0.63"
+bindgen = "0.69.1"
 cc = { version = "1.0", optional = true }
 frida-build = { path = "../frida-build", version = "0.2.1", optional = true }
 

frida-gum-sys/FRIDA_VERSION

@@ -1 +1 @@
-16.0.19
+16.1.10

frida-gum-sys/build.rs

@@ -77,7 +77,11 @@ fn main() {
         .header("probe_listener.h")
         .header("stalker_observer.h")
         .header("stalker_params.h")
-        .parse_callbacks(Box::new(bindgen::CargoCallbacks))
+        .parse_callbacks(Box::new(bindgen::CargoCallbacks::new()))
+        .blocklist_type("GumChainedPtr64Rebase")
+        .blocklist_type("GumChainedPtrArm64eRebase")
+        .blocklist_type("_GumChainedPtr64Rebase")
+        .blocklist_type("_GumChainedPtrArm64eRebase")
         .generate_comments(false)
         .layout_tests(false)
         .generate()

frida-gum/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "frida-gum"
-version = "0.13.2"
-authors = ["Keegan Saunders <[email protected]>"]
+version = "0.13.4"
+authors = ["Keegan Saunders <[email protected]>", "Shmarya Rubenstein <[email protected]>"]
 edition = "2018"
 license = "wxWindows"
 repository = "https://github.com/frida/frida-rust"
@@ -12,13 +12,14 @@ auto-download = ["frida-gum-sys/auto-download"]
 backtrace = ["libc"]
 event-sink = ["frida-gum-sys/event-sink"]
 invocation-listener = ["frida-gum-sys/invocation-listener"]
+memory-access-monitor = []
 module-names = []
 stalker-observer = ["frida-gum-sys/stalker-observer"]
 stalker-params = ["frida-gum-sys/stalker-params"]
 
 [dependencies]
 cstr_core = { version = "0.2.6", default-features = false, features = ["alloc"] }
-frida-gum-sys = { path = "../frida-gum-sys", version = "0.8.1" }
+frida-gum-sys = { path = "../frida-gum-sys", version = "0.8.3" }
 libc = { version = "0.2.93", default-features = false, optional = true }
 num = { version = "0.3.1", default-features = false }
 num-derive = { version = "0.3.3", default-features = false }

frida-gum/src/backtracer.rs

@@ -12,6 +12,7 @@ use {core::mem::MaybeUninit, frida_gum_sys as gum_sys};
 
 // The following function is not exposed through the `frida-gum.h` header, so we don't have an
 // auto-generated binding for it. This may change in a future version.
+#[cfg(not(target_os = "windows"))]
 extern "C" {
     // On some platforms `ucontext` contains a u128 which does not have a defined ABI. In this case,
     // we disable the error as we assume the behaviour is correct (all other platforms are unaffected).
@@ -83,6 +84,7 @@ impl Backtracer {
 
     /// Generate an accurate backtrace as a list of return addresses for the supplied signal
     /// context.
+    #[cfg(not(target_os = "windows"))]
     pub fn accurate_with_signal_context(context: &libc::ucontext_t) -> Vec<usize> {
         let mut cpu_context = MaybeUninit::<gum_sys::GumCpuContext>::uninit();
 
@@ -94,6 +96,7 @@ impl Backtracer {
 
     /// Generate a fuzzy backtrace as a list of return addresses for the supplied signal
     /// context.
+    #[cfg(not(target_os = "windows"))]
     pub fn fuzzy_with_signal_context(context: &libc::ucontext_t) -> Vec<usize> {
         let mut cpu_context = MaybeUninit::<gum_sys::GumCpuContext>::uninit();
 

frida-gum/src/cpu_context.rs

@@ -94,14 +94,14 @@ impl<'a> CpuContext<'a> {
         unsafe { (*self.cpu_context).x[index] = value };
     }
 
-    #[cfg(all(feature = "backtrace", not(target_os = "windows")))]
+    #[cfg(feature = "backtrace")]
     #[cfg_attr(doc_cfg, doc(cfg(feature = "backtrace")))]
     /// Get an accurate backtrace from this CPU context.
     pub fn backtrace_accurate(&self) -> Vec<usize> {
         crate::Backtracer::accurate_with_context(unsafe { &*self.cpu_context })
     }
 
-    #[cfg(all(feature = "backtrace", not(target_os = "windows")))]
+    #[cfg(feature = "backtrace")]
     #[cfg_attr(doc_cfg, doc(cfg(feature = "backtrace")))]
     /// Get a fuzzy backtrace from this CPU context.
     pub fn backtrace_fuzzy(&self) -> Vec<usize> {

frida-gum/src/error.rs

@@ -43,3 +43,6 @@ impl fmt::Debug for Error {
         write!(fmt, "{self:}")
     }
 }
+
+#[allow(unused)]
+pub type GumResult<T> = Result<T, Error>;

frida-gum/src/lib.rs

@@ -45,7 +45,14 @@
 //! }
 //! ```
 
-#![cfg_attr(not(feature = "module-names"), no_std)]
+#![cfg_attr(
+    not(any(
+        feature = "module-names",
+        feature = "backtrace",
+        feature = "memory-access-monitor"
+    )),
+    no_std
+)]
 #![cfg_attr(doc_cfg, feature(doc_cfg))]
 #![deny(warnings)]
 #![allow(clippy::needless_doctest_main)]
@@ -62,6 +69,7 @@ extern crate num_derive;
 use core::{
     convert::TryFrom,
     ffi::{c_char, c_void, CStr},
+    fmt::{Debug, Display, Formatter, LowerHex, UpperHex},
 };
 
 #[cfg(not(feature = "module-names"))]
@@ -85,6 +93,11 @@ pub use error::Error;
 mod cpu_context;
 pub use cpu_context::*;
 
+#[cfg(feature = "memory-access-monitor")]
+mod memory_access_monitor;
+#[cfg(feature = "memory-access-monitor")]
+pub use memory_access_monitor::*;
+
 mod memory_range;
 pub use memory_range::*;
 
@@ -94,10 +107,10 @@ pub use range_details::*;
 mod debug_symbol;
 pub use debug_symbol::*;
 
-#[cfg(all(feature = "backtrace", not(target_os = "windows")))]
+#[cfg(feature = "backtrace")]
 #[cfg_attr(doc_cfg, doc(cfg(feature = "backtrace")))]
 mod backtracer;
-#[cfg(all(feature = "backtrace", not(target_os = "windows")))]
+#[cfg(feature = "backtrace")]
 #[cfg_attr(doc_cfg, doc(cfg(feature = "backtrace")))]
 pub use backtracer::*;
 
@@ -123,7 +136,7 @@ impl Drop for Gum {
     }
 }
 
-#[derive(Copy, Clone, Hash, PartialEq, Eq)]
+#[derive(Debug, Copy, Clone, Hash, PartialEq, Eq, PartialOrd, Ord)]
 #[repr(transparent)]
 pub struct NativePointer(pub *mut c_void);
 
@@ -168,3 +181,21 @@ impl AsRef<NativePointer> for NativePointer {
         self
     }
 }
+
+impl LowerHex for NativePointer {
+    fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
+        LowerHex::fmt(&(self.0 as usize), f)
+    }
+}
+
+impl UpperHex for NativePointer {
+    fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
+        UpperHex::fmt(&(self.0 as usize), f)
+    }
+}
+
+impl Display for NativePointer {
+    fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
+        Display::fmt(&(self.0 as usize), f)
+    }
+}