x64dbg dist upgraded to snapshot_2025-01-17_12-45

fix: issue #65, issue #62 was caused x64dbg hardening against dll sideloading, but I changed the way of Python finalization in x64dbg as `plugstop` comes in a non-main thread and threading._shutdown() freeze the app
version: bumped up

.gitignore

@@ -49,4 +49,6 @@
 /deploy/MANIFEST
 /deploy/README.rst
 /deploy/dist
-/deploy/labeless.egg-info
+/deploy/labeless.egg-info
+/test_x64dbg/x32/python310.dll
+/test_x64dbg/x64/python310.dll

common/version.h

@@ -22,7 +22,7 @@
 
 #define VERSION_MAJOR               1
 #define VERSION_MINOR               1
-#define VERSION_REVISION            7
+#define VERSION_REVISION            8
 #define VERSION_BUILD               0
 
 

deploy/labeless/VERSION

@@ -1 +1 @@
-1.1.7.0
+1.1.8.0

deploy/setup.cfg

@@ -2,4 +2,4 @@
 description-file = README.rst
 
 [bdist_wheel]
-universal=1
+universal=0

labeless_x64dbg/labeless.cpp

@@ -22,7 +22,10 @@
 #include "util.h"
 #include "labeless_x64dbg.h"
 
+#pragma warning(push)
+#pragma warning(disable: 4995 4800)
 #include "../common/cpp/rpc.pb.h"
+#pragma warning(pop)
 #include "../common/version.h"
 
 #include "pluginsdk/_scriptapi_gui.h"
@@ -49,6 +52,7 @@ static struct StaticConfig
 	UINT		hlpLogMessageId = 0;
 	UINT		hlpCommandReceived = 0;
 	UINT		hlpPortChanged = 0;
+	UINT		hlpShutdown = 0;
 } gConfig;
 
 static const char kBackendName[] {"labeless.backend.x64dbg"};
@@ -68,7 +72,7 @@ int tracefunc(PyObject *obj, _frame *frame, int what, PyObject *arg)
 
 	if (PyObject* str = PyObject_Str(frame->f_code->co_filename))
 	{
-		const std::string s = PyString_AsString(str);
+		const std::string s = PyUnicode_AsUTF8(str);
 		log_r("PROFILING: %s:%d", s.c_str(), frame->f_lineno);
 		Py_DECREF(str);
 		std::ofstream of("c:\\labeless_trace.log", std::ios_base::app);
@@ -654,6 +658,7 @@ bool ClientData::remove(uint64_t jobId)
 }
 
 std::atomic_bool Labeless::m_ServerEnabled{ false };
+std::atomic_bool Labeless::m_PythonFinalized{ false };
 
 Labeless::Labeless()
 	: m_hInst(nullptr)
@@ -703,9 +708,20 @@ bool Labeless::destroy()
 	stopServer();
 	destroyPython();
 	google::protobuf::ShutdownProtobufLibrary();
+	m_PythonFinalized = true;
 	return true;
 }
 
+void Labeless::onPlugstop()
+{
+	// as plugstop is called from an another thread, the Python3 threading._shutdown() 
+	// will hang on destroyPython() so delegate that to main thread
+	PostMessage(gConfig.helperWnd, gConfig.hlpShutdown, 0, 0);
+	while (!m_PythonFinalized) {
+		SleepEx(1, TRUE);
+	}
+}
+
 bool Labeless::initPython()
 {
 	xstring pythonDir = util::getHostAppDir();
@@ -726,20 +742,38 @@ bool Labeless::initPython()
 	PyImport_AppendInittab("_x64dbgapi", &PyInit__x64dbgapi);
 #endif // _WIN64
 
+	PyStatus status;
+	PyConfig config;
+	PyConfig_InitPythonConfig(&config);
+
+	status = PyConfig_SetBytesString(&config, &config.program_name, "");
+	if (PyStatus_Exception(status)) {
+		log_r("Failed to set program name");
+		PyConfig_Clear(&config);
+		return false;
+	}
+
+	status = Py_InitializeFromConfig(&config);
+	if (PyStatus_Exception(status)) {
+		log_r("Failed Initialize python");
+		PyConfig_Clear(&config);
+		return false;
+	}
+	PyConfig_Clear(&config);
 
-	Py_SetProgramName(L"");
-	Py_InitializeEx(0);
+	//Py_SetProgramName(L"");
+	//Py_InitializeEx(0);
 
-#ifdef ENABLE_PYTHON_PROFILING
-	//PyEval_SetTrace(tracefunc, NULL);
-#endif
+#if (ENABLE_PYTHON_PROFILING == 1)
+	PyEval_SetTrace(tracefunc, NULL);
+#endif //  (ENABLE_PYTHON_PROFILING == 1)
 
 	if (!Py_IsInitialized())
 	{
 		log_r("Could not initialize Python");
 		return false;
 	}
-	PyEval_InitThreads();
+	//PyEval_InitThreads();
 
 #ifdef ENABLE_PYTHON_ZIP
 	PyRun_SimpleString("import sys\nsys.path.extend(['.', 'python_dlls', 'python27.zip', 'python27.zip/site-packages'])");
@@ -849,7 +883,10 @@ void Labeless::logInitPythonFail(const std::string& info) const
 
 void Labeless::destroyPython()
 {
-	Py_Finalize();
+	const auto rv = Py_FinalizeEx();
+	if (rv < 0) {
+		log_r("PyFinalyzeEx() failed, code: %d", rv);
+	}
 }
 
 HWND Labeless::createWindow()
@@ -873,6 +910,11 @@ HWND Labeless::createWindow()
 		log_r("RegisterWindowMessage(hlpPortChanged) failed. LastError: %08X", GetLastError());
 		return false;
 	}
+	if (!gConfig.hlpShutdown && !(gConfig.hlpShutdown = RegisterWindowMessage(_T("{3C322054-B099-403C-956A-3CB1B402659D}"))))
+	{
+		log_r("RegisterWindowMessage(hlpShutdown) failed. LastError: %08X", GetLastError());
+		return false;
+	}
 
 	HWND rv = nullptr;
 	WNDCLASS wClass = {};
@@ -1154,6 +1196,11 @@ LRESULT CALLBACK Labeless::helperWinProc(HWND hw, UINT msg, WPARAM wp, LPARAM lp
 		ll.onPortChanged();
 		return 0;
 	}
+	if (msg == gConfig.hlpShutdown)
+	{
+		Labeless::instance().destroy();
+		return 0;
+	}
 	switch (msg) {
 	case WM_CREATE:
 		return 0;

labeless_x64dbg/labeless.h

@@ -67,6 +67,9 @@ class Labeless
 	Labeless();
 	Labeless(const Labeless&) = delete;
 	Labeless& operator=(const Labeless&) = delete;
+
+	bool destroy();
+
 public:
 	virtual ~Labeless();
 
@@ -75,7 +78,7 @@ class Labeless
 	inline HINSTANCE hInstance() const { return m_hInst; }
 
 	bool init(PLUG_SETUPSTRUCT*);
-	bool destroy();
+	void onPlugstop();
 
 	void stopServer();
 	bool startServer();
@@ -128,4 +131,5 @@ class Labeless
 	static std::atomic_bool	m_ServerEnabled;
 
 	ClientData				m_Rpc;
+	static std::atomic_bool m_PythonFinalized;
 };

labeless_x64dbg/labeless_x64dbg.cpp

@@ -232,7 +232,7 @@ DLL_EXPORT bool plugstop()
 	_plugin_unregistercallback(g_pluginHandle, CB_CREATEPROCESS);
 	_plugin_menuclear(g_hMenu);
 
-	Labeless::instance().destroy();
+	Labeless::instance().onPlugstop();
 	return true;
 }
 

labeless_x64dbg/labeless_x64dbg.vcxproj

@@ -61,7 +61,7 @@
       <Optimization>Disabled</Optimization>
       <FunctionLevelLinking>true</FunctionLevelLinking>
       <IntrinsicFunctions>true</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LABELESS_X64DBG_EXPORTS;_SCL_SECURE_NO_WARNINGS;ENABLE_PYTHON_PROFILING=0;LABELESS_ADDITIONAL_LOGGING;__X64DBG__;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LABELESS_X64DBG_EXPORTS;_SCL_SECURE_NO_WARNINGS;ENABLE_PYTHON_PROFILING=0;__X64DBG__;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
       <AdditionalIncludeDirectories>$(SolutionDir)\3rdparty\Python310\include;$(SolutionDir)\3rdparty\protobuf-3.20.3\src;$(ProjectDir)\pluginsdk;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <AdditionalOptions>/J %(AdditionalOptions)</AdditionalOptions>
@@ -86,7 +86,7 @@
       <Optimization>Disabled</Optimization>
       <FunctionLevelLinking>true</FunctionLevelLinking>
       <IntrinsicFunctions>true</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LABELESS_X64DBG_EXPORTS;_SCL_SECURE_NO_WARNINGS;ENABLE_PYTHON_PROFILING=0;LABELESS_ADDITIONAL_LOGGING;__X64DBG__;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;LABELESS_X64DBG_EXPORTS;_SCL_SECURE_NO_WARNINGS;ENABLE_PYTHON_PROFILING=0;__X64DBG__;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
       <AdditionalIncludeDirectories>$(SolutionDir)\3rdparty\Python310x64\include;$(SolutionDir)\3rdparty\protobuf-3.20.3\src;$(ProjectDir)\pluginsdk;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
       <AdditionalOptions>/J %(AdditionalOptions)</AdditionalOptions>

labeless_x64dbg/pluginsdk/TitanEngine/TitanEngine.h

@@ -57,6 +57,9 @@
 #define UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK 8
 #define UE_ENGINE_SET_DEBUG_PRIVILEGE 9
 #define UE_ENGINE_SAFE_ATTACH 10
+#define UE_ENGINE_MEMBP_ALT 11
+#define UE_ENGINE_DISABLE_ASLR 12
+#define UE_ENGINE_SAFE_STEP 13
 
 #define UE_OPTION_REMOVEALL 1
 #define UE_OPTION_DISABLEALL 2
@@ -323,6 +326,15 @@
 #define CONTEXT_EXTENDED_REGISTERS 0
 #endif
 
+typedef void(*TITANCALLBACKARG)(const void*);
+typedef void(*TITANCALLBACK)();
+
+typedef TITANCALLBACK TITANCBCH;
+typedef TITANCALLBACK TITANCBSTEP;
+typedef TITANCALLBACK TITANCBSOFTBP;
+typedef TITANCALLBACKARG TITANCBHWBP;
+typedef TITANCALLBACKARG TITANCBMEMBP;
+
 typedef struct
 {
     DWORD PE32Offset;
@@ -835,14 +847,14 @@ __declspec(dllexport) void TITCALL SetBPXOptions(long DefaultBreakPointType);
 __declspec(dllexport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress);
 __declspec(dllexport) bool TITCALL EnableBPX(ULONG_PTR bpxAddress);
 __declspec(dllexport) bool TITCALL DisableBPX(ULONG_PTR bpxAddress);
-__declspec(dllexport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack);
+__declspec(dllexport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, TITANCBSOFTBP bpxCallBack);
 __declspec(dllexport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress);
 __declspec(dllexport) bool TITCALL SafeDeleteBPX(ULONG_PTR bpxAddress);
 __declspec(dllexport) bool TITCALL SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack);
 __declspec(dllexport) bool TITCALL DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace);
 __declspec(dllexport) bool TITCALL SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace);
 __declspec(dllexport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, LPVOID bpxCallBack);
-__declspec(dllexport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
+__declspec(dllexport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, TITANCBMEMBP bpxCallBack);
 __declspec(dllexport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory);
 __declspec(dllexport) bool TITCALL GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
 __declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPURegisters[8], TITAN_ENGINE_CONTEXT_t* titcontext);
@@ -879,28 +891,28 @@ __declspec(dllexport) ULONG_PTR TITCALL GetJumpDestinationEx(HANDLE hProcess, UL
 __declspec(dllexport) ULONG_PTR TITCALL GetJumpDestination(HANDLE hProcess, ULONG_PTR InstructionAddress);
 __declspec(dllexport) bool TITCALL IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags);
 __declspec(dllexport) bool TITCALL IsJumpGoingToExecute();
-__declspec(dllexport) void TITCALL SetCustomHandler(DWORD ExceptionId, LPVOID CallBack);
+__declspec(dllexport) void TITCALL SetCustomHandler(DWORD ExceptionId, TITANCBCH CallBack);
 __declspec(dllexport) void TITCALL ForceClose();
-__declspec(dllexport) void TITCALL StepInto(LPVOID traceCallBack);
-__declspec(dllexport) void TITCALL StepOver(LPVOID traceCallBack);
-__declspec(dllexport) void TITCALL StepOut(LPVOID StepOut, bool StepFinal);
-__declspec(dllexport) void TITCALL SingleStep(DWORD StepCount, LPVOID StepCallBack);
+__declspec(dllexport) void TITCALL StepInto(TITANCBSTEP traceCallBack);
+__declspec(dllexport) void TITCALL StepOver(TITANCBSTEP traceCallBack);
+__declspec(dllexport) void TITCALL StepOut(TITANCBSTEP StepOut, bool StepFinal);
+__declspec(dllexport) void TITCALL SingleStep(DWORD StepCount, TITANCBSTEP StepCallBack);
 __declspec(dllexport) bool TITCALL GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex);
-__declspec(dllexport) bool TITCALL SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack, LPDWORD IndexOfSelectedRegister);
-__declspec(dllexport) bool TITCALL SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack);
+__declspec(dllexport) bool TITCALL SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, TITANCBHWBP bpxCallBack, LPDWORD IndexOfSelectedRegister);
+__declspec(dllexport) bool TITCALL SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, TITANCBHWBP bpxCallBack);
 __declspec(dllexport) bool TITCALL DeleteHardwareBreakPoint(DWORD IndexOfRegister);
 __declspec(dllexport) bool TITCALL RemoveAllBreakPoints(DWORD RemoveOption);
 __declspec(dllexport) PROCESS_INFORMATION* TITCALL TitanGetProcessInformation();
 __declspec(dllexport) STARTUPINFOW* TITCALL TitanGetStartupInformation();
 __declspec(dllexport) void TITCALL DebugLoop();
 __declspec(dllexport) void TITCALL SetDebugLoopTimeOut(DWORD TimeOut);
 __declspec(dllexport) void TITCALL SetNextDbgContinueStatus(DWORD SetDbgCode);
-__declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack);
+__declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, TITANCALLBACK CallBack);
 __declspec(dllexport) bool TITCALL DetachDebugger(DWORD ProcessId);
 __declspec(dllexport) bool TITCALL DetachDebuggerEx(DWORD ProcessId);
 __declspec(dllexport) void TITCALL DebugLoopEx(DWORD TimeOut);
-__declspec(dllexport) void TITCALL AutoDebugEx(const char* szFileName, bool ReserveModuleBase, const char* szCommandLine, const char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
-__declspec(dllexport) void TITCALL AutoDebugExW(const wchar_t* szFileName, bool ReserveModuleBase, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
+__declspec(dllexport) void TITCALL AutoDebugEx(const char* szFileName, bool ReserveModuleBase, const char* szCommandLine, const char* szCurrentFolder, DWORD TimeOut, TITANCBSOFTBP EntryCallBack);
+__declspec(dllexport) void TITCALL AutoDebugExW(const wchar_t* szFileName, bool ReserveModuleBase, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, DWORD TimeOut, TITANCBSOFTBP EntryCallBack);
 __declspec(dllexport) bool TITCALL IsFileBeingDebugged();
 __declspec(dllexport) void TITCALL SetErrorModel(bool DisplayErrorMessages);
 // TitanEngine.FindOEP.functions: