Hi,
I have an application that gets dump of a structure from the driver and
prints (hex dump) it onto either console or a file.
At present I am taking this hex dump and manually mapping the values with
various sized fields of the structure.
Depending on the version of driver installed on the system, the structure
definition might change.
So there is some work involved in figuring ou the definition of the
structure as well.
Is there a way to get structure definition and map the contents of
structure dump to the structure,
the way we print dt ?
Which is the best interface that I can use from a C/C++ program or is there
a tool that just prints
the definition of structure and size of various fields of structure given
the name of the structure?
Thanks,
-Praveen
You can use APIs in dbghelp.dll to get the dymbol info out of the pdb and then enumerate the typed of each field
d
Sent from my phone with no t9, all spilling mistakes are not intentional.
-----Original Message-----
From: Praveen Kumar Amritaluru
Sent: Thursday, February 05, 2009 3:34 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Extracting a symbol from pdb file
Hi,
I have an application that gets dump of a structure from the driver and
prints (hex dump) it onto either console or a file.
At present I am taking this hex dump and manually mapping the values with
various sized fields of the structure.
Depending on the version of driver installed on the system, the structure
definition might change.
So there is some work involved in figuring ou the definition of the
structure as well.
Is there a way to get structure definition and map the contents of
structure dump to the structure,
the way we print dt ?
Which is the best interface that I can use from a C/C++ program or is there
a tool that just prints
the definition of structure and size of various fields of structure given
the name of the structure?
Thanks,
-Praveen
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
Visual Studio has a sample on how to use the DIA libraries to access debug
information including type information. I used it to create a hack of a
tool to generate a .H file from embedded debug information.
However, my favorite quick way if I have a binary and PDB is to just load
them up in a good disassemble (Ida, for instance) and let it or one of its
plugins map all the type and symbol information into human readable form.
Good Luck,
Dave
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Thursday, February 05, 2009 9:44 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] Extracting a symbol from pdb file
You can use APIs in dbghelp.dll to get the dymbol info out of the pdb and
then enumerate the typed of each field
d
Sent from my phone with no t9, all spilling mistakes are not intentional.
-----Original Message-----
From: Praveen Kumar Amritaluru
Sent: Thursday, February 05, 2009 3:34 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Extracting a symbol from pdb file
Hi,
I have an application that gets dump of a structure from the driver and
prints (hex dump) it onto either console or a file.
At present I am taking this hex dump and manually mapping the values with
various sized fields of the structure.
Depending on the version of driver installed on the system, the structure
definition might change.
So there is some work involved in figuring ou the definition of the
structure as well.
Is there a way to get structure definition and map the contents of
structure dump to the structure,
the way we print dt ?
Which is the best interface that I can use from a C/C++ program or is there
a tool that just prints
the definition of structure and size of various fields of structure given
the name of the structure?
Thanks,
-Praveen
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
DIA and DbgHelp both provide an interface (poorly documented as of a few years ago, though IIRC there’s a good Pietrek/MSJ article on the subject) for dealing with typeinfo stored in a .pdb.
? S
-----Original Message-----
From: Praveen Kumar Amritaluru
Sent: Thursday, February 05, 2009 03:32
To: Windows System Software Devs Interest List
Subject: [ntdev] Extracting a symbol from pdb file
Hi,
I have an application that gets dump of a structure from the driver and
prints (hex dump) it onto either console or a file.
At present I am taking this hex dump and manually mapping the values with
various sized fields of the structure.
Depending on the version of driver installed on the system, the structure
definition might change.
So there is some work involved in figuring ou the definition of the
structure as well.
Is there a way to get structure definition and map the contents of
structure dump to the structure,
the way we print dt ?
Which is the best interface that I can use from a C/C++ program or is there
a tool that just prints
the definition of structure and size of various fields of structure given
the name of the structure?
Thanks,
-Praveen
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
I would use WinDbg’s open as dump file on binary support for that and not IDA; historically, IDA’s typeinfo support for PDBs has been at best flaky.
? S
-----Original Message-----
From: David R. Cattley
Sent: Thursday, February 05, 2009 06:48
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] Extracting a symbol from pdb file
Visual Studio has a sample on how to use the DIA libraries to access debug
information including type information. I used it to create a hack of a
tool to generate a .H file from embedded debug information.
However, my favorite quick way if I have a binary and PDB is to just load
them up in a good disassemble (Ida, for instance) and let it or one of its
plugins map all the type and symbol information into human readable form.
Good Luck,
Dave
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Doron Holan
Sent: Thursday, February 05, 2009 9:44 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] Extracting a symbol from pdb file
You can use APIs in dbghelp.dll to get the dymbol info out of the pdb and
then enumerate the typed of each field
d
Sent from my phone with no t9, all spilling mistakes are not intentional.
-----Original Message-----
From: Praveen Kumar Amritaluru
Sent: Thursday, February 05, 2009 3:34 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Extracting a symbol from pdb file
Hi,
I have an application that gets dump of a structure from the driver and
prints (hex dump) it onto either console or a file.
At present I am taking this hex dump and manually mapping the values with
various sized fields of the structure.
Depending on the version of driver installed on the system, the structure
definition might change.
So there is some work involved in figuring ou the definition of the
structure as well.
Is there a way to get structure definition and map the contents of
structure dump to the structure,
the way we print dt ?
Which is the best interface that I can use from a C/C++ program or is there
a tool that just prints
the definition of structure and size of various fields of structure given
the name of the structure?
Thanks,
-Praveen
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer