Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Struct viewer debugging tool #19629

Merged
merged 5 commits into from
Nov 19, 2024
Merged

Struct viewer debugging tool #19629

merged 5 commits into from
Nov 19, 2024

Conversation

kotcrab
Copy link
Contributor

@kotcrab kotcrab commented Nov 12, 2024

This PR adds struct viewer debugging tool. It visualizes objects data in game memory using data types and symbols fetched from your Ghidra project. It also allows to set memory breakpoints and edit field values which is helpful when reverse engineering unknown types.

This is how it looks in action:

image

The types are fetched over REST API that Ghidra exposes with my ghidra-rest-api extension. This allows for a very efficient workflow where you can edit some types in Ghidra and instantly refresh them in Struct viewer to see updated object memory layout.

How to try it

If you don't have a Ghidra project

I prepared mock API you can use for testing this without setting up Ghidra at all. You will just need Mockoon and the API json I prepared here. With that in Mockoon do File -> Open local environment, select json file then press the green button to start the mock server.
The types and symbols are for Fate/Extra CCC, with that game booted you can open the Struct viewer and press the Connect button. Now you can start exploring the globals, for most interesting see g_logoTask and g_TitleTask (the first one will be populated when logos are visible and the second one after getting to the title screen).

If you have a Ghidra project

Then you just need to install my ghidra-rest-api extension, start API server in Ghidra. Open the Struct viewer and press the Connect button. Note that your Ghidra image should be at 0x8804000 for globals to align.

@Linblow
Copy link
Contributor

Linblow commented Nov 18, 2024

Good idea, I like that

hrydgard
hrydgard requested changes Nov 18, 2024
View reviewed changes
Copy link
Owner

@hrydgard hrydgard left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skimmed through it, code is nice, clear and self-contained, looks good.

One request: GhidraClient.h really needs a comment clarifying that this is not an official Ghidra protocol, but one exposed by your plugin. The comment should contain a link to your repo, and at a minimum a brief usage description, like the one you wrote in this PR. And I guess a link to this PR couldn't hurt.

@kotcrab
Add GhidraClient and ImStructViewer docs
e3e8318 
Few more code comments and misc clean up
@kotcrab
Copy link
Contributor Author

kotcrab commented Nov 18, 2024

Good point, added now and few more comments. I also added more setup info to the initial UI:
image

Let me know if there's anything more you would like changed.

@hrydgard hrydgard added this to the v1.19.0 milestone Nov 19, 2024
@hrydgard
Copy link
Owner

Very nice, good idea to show it in the UI too!

Minor, we generally only use // for comments, even large blocks, but I'm not gonna block this on that, just letting you know for future changes.

@hrydgard hrydgard merged commit 1c0f9d3 into hrydgard:master Nov 19, 2024
19 checks passed
@kotcrab kotcrab deleted the struct-viewer branch November 22, 2024 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hrydgard hrydgard hrydgard requested changes

Assignees
No one assigned
Labels
Debugger
Projects
None yet
Milestone
v1.19.0
Development

Successfully merging this pull request may close these issues.
3 participants
@kotcrab @Linblow @hrydgard