Add Support Functions for Fuzzing Attached Processes and Fix a False Hang issue in attached processes

Windows/debugger.cpp

@@ -1471,7 +1471,7 @@ DebuggerStatus Debugger::DebugLoop(uint32_t timeout, bool killing)
     uint64_t time_elapsed = end_time - begin_time;
     timeout = ((uint64_t)timeout >= time_elapsed) ? timeout - (uint32_t)time_elapsed : 0;
 
-    // printf("timeout: %u\n", timeout);
+    //printf("timeout: %u\n", timeout);
     // printf("time: %lld\n", get_cur_time_us());
 
     if (wait_ret) {
@@ -1491,7 +1491,7 @@ DebuggerStatus Debugger::DebugLoop(uint32_t timeout, bool killing)
 
     thread_id = DebugEv->dwThreadId;
 
-    // printf("eventCode: %x\n", DebugEv->dwDebugEventCode);
+    //printf("eventCode: %x\n", DebugEv->dwDebugEventCode);
 
     switch (DebugEv->dwDebugEventCode)
     {
@@ -1742,8 +1742,6 @@ DebuggerStatus Debugger::Attach(unsigned int pid, uint32_t timeout) {
 
   if (!DebugActiveProcess(pid)) {
     DWORD error_code = GetLastError();
-
-
     if(error_code == 5) {
       HANDLE hToken = NULL;
       LUID luid;
@@ -1810,19 +1808,25 @@ DebuggerStatus Debugger::Continue(uint32_t timeout) {
     dbg_last_status = DEBUGGER_TARGET_START;
     return dbg_last_status;
   }
+  if (script != NULL) {
+     HANDLE thread_handle = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)system, script, 0, NULL);
+     CloseHandle(thread_handle);
+  }
 
   dbg_last_status = DebugLoop(timeout);
 
   if (dbg_last_status == DEBUGGER_PROCESS_EXIT) {
-    CloseHandle(child_handle);
-    CloseHandle(child_thread_handle);
-    child_handle = NULL;
-    child_thread_handle = NULL;
+    if (!attach_mode) {
+      CloseHandle(child_handle);
+      CloseHandle(child_thread_handle);
+      child_handle = NULL;
+      child_thread_handle = NULL;
+    }
   }
 
   return dbg_last_status;
 }
-
+ 
 // initializes options from command line
 void Debugger::Init(int argc, char **argv) {
   have_thread_context = false;

Windows/debugger.h

@@ -77,6 +77,8 @@ class Debugger {
     return last_exception;
   }
 
+  char * script;
+
 protected:
 
   enum MemoryProtection {

common.cpp

@@ -20,6 +20,14 @@ limitations under the License.
 #include <chrono>
 
 #include "common.h"
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32)
+	#include <windows.h>
+	#include <tlhelp32.h>
+#endif
+#include <iostream>
+#include <string>
+#include <codecvt>
+#include <locale> 
 
 uint64_t GetCurTime(void) {
   auto duration =  std::chrono::system_clock::now().time_since_epoch();
@@ -96,6 +104,27 @@ int GetIntOption(const char *name, int argc, char** argv, int default_value) {
   return (int)strtol(option, NULL, 0);
 }
 
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32)
+	DWORD FindProcessId(char * process_name)
+	{
+		PROCESSENTRY32 entry;
+		entry.dwSize = sizeof(PROCESSENTRY32);
+
+		HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
+
+		if (Process32First(snapshot, &entry) == TRUE)
+		{
+			while (Process32Next(snapshot, &entry) == TRUE)
+			{
+				if (stricmp(entry.szExeFile, process_name) == 0)
+				{  
+				  CloseHandle(snapshot);
+					return entry.th32ProcessID;
+				}
+			}
+		}
+	}
+#endif
 
 //quoting on Windows is weird
 size_t ArgvEscapeWindows(char *in, char *out) {

common.h

@@ -75,6 +75,9 @@ uint64_t GetCurTime(void);
 char *GetOption(const char *name, int argc, char** argv);
 void GetOptionAll(const char *name, int argc, char** argv, std::list<char *> *results);
 bool GetBinaryOption(const char *name, int argc, char** argv, bool default_value);
+#if defined(WIN32) || defined(_WIN32) || defined(__WIN32)
+	DWORD FindProcessId(char * process_name);
+#endif
 int GetIntOption(const char *name, int argc, char** argv, int default_value);
 
 char *ArgvToCmd(int argc, char** argv);