From 25fbe8a6f6c126ba31aa6b7eabfa81d67e75b29f Mon Sep 17 00:00:00 2001
From: ussrhero <ussrhero@outlook.com>
Date: Fri, 14 Feb 2020 00:52:58 +0300
Subject: [PATCH] added : getVaState ( state of memory: commited, reserved,
 free) added : getVaType ( type of memory: image, mapped, private ) added :
 getVaAttributes ( returns tuple of (protect, state, type) )

---
 kdlibcpp                |  2 +-
 pykd/pymemaccess.h      | 24 ++++++++++++++++++++++++
 pykd/pymod.cpp          | 22 ++++++++++++++++++++--
 test/scripts/memtest.py |  6 ++++++
 4 files changed, 51 insertions(+), 3 deletions(-)

diff --git a/kdlibcpp b/kdlibcpp
index e24cbc8..5be28cd 160000
--- a/kdlibcpp
+++ b/kdlibcpp
@@ -1 +1 @@
-Subproject commit e24cbc8596b86e23c0b8c6d133f21220d00ff094
+Subproject commit 5be28cda0ef7473125813c250adceef4d07218a4
diff --git a/pykd/pymemaccess.h b/pykd/pymemaccess.h
index 4dd50eb..07581ec 100644
--- a/pykd/pymemaccess.h
+++ b/pykd/pymemaccess.h
@@ -266,8 +266,32 @@ inline kdlib::MemoryProtect getVaProtect( kdlib::MEMOFFSET_64 offset )
     return kdlib::getVaProtect(offset);
 }
 
+inline kdlib::MemoryState getVaState(kdlib::MEMOFFSET_64 offset)
+{
+    AutoRestorePyState  pystate;
+    return kdlib::getVaState(offset);
+}
 
+inline kdlib::MemoryType getVaType(kdlib::MEMOFFSET_64 offset)
+{
+    AutoRestorePyState  pystate;
+    return kdlib::getVaType(offset);
+}
 
+inline python::tuple getVaAttributes(kdlib::MEMOFFSET_64 offset)
+{
+    kdlib::MemoryProtect  memProtect;
+    kdlib::MemoryState  memState;
+    kdlib::MemoryType  memType;
+    {
+        AutoRestorePyState  pystate;
+        memProtect = kdlib::getVaProtect(offset);
+        memState = kdlib::getVaState(offset);
+        memType = kdlib::getVaType(offset);
+    }
+
+    return python::make_tuple(memProtect, memState, memType);
+}
 
 } // end namespace pykd
 
diff --git a/pykd/pymod.cpp b/pykd/pymod.cpp
index b8a09bc..4f3511f 100644
--- a/pykd/pymod.cpp
+++ b/pykd/pymod.cpp
@@ -282,7 +282,13 @@ void pykd_init()
     python::def( "findMemoryRegion", pykd::findMemoryRegion,
         "Return address of begining valid memory region nearest to offset" );
     python::def( "getVaProtect", pykd::getVaProtect,
-        "Return memory attributes" );
+        "Return memory protect" );
+    python::def( "getVaType", pykd::getVaType,
+        "Return memory type");
+    python::def( "getVaState", pykd::getVaProtect,
+        "Return memory state");
+    python::def("getVaAttributes", pykd::getVaAttributes,
+        "Return memory attributes");
 
     python::def( "ptrByte", pykd::ptrByte,
         "Read an unsigned 1-byte integer from the target memory" );
@@ -1051,7 +1057,7 @@ void pykd_init()
         .def("getNumberFields", TypedVarAdapter::getElementCount,
             "Return number of fields")
         .def("field", TypedVarAdapter::getField,
-            "Return field of structure")
+            "Return fielged of structure")
         .def("field", TypedVarAdapter::getElementByIndex,
             "Return field of structure or array" )
         .def("setField", TypedVarAdapter::setField,
@@ -1401,6 +1407,18 @@ void pykd_init()
         .value("PageExecuteWriteCopy", kdlib::PageExecuteWriteCopy)
         ;
 
+    python::enum_<kdlib::MemoryState>("memoryState", "Memory state")
+        .value("Commit", kdlib::MemCommit)
+        .value("Reserve", kdlib::MemReserve)
+        .value("Free", kdlib::MemFree)
+        ;
+
+    python::enum_<kdlib::MemoryType>("memoryType", "Memory type")
+        .value("Mapped", kdlib::MemMapped)
+        .value("Image", kdlib::MemImage)
+        .value("Private", kdlib::MemPrivate)
+        ;
+
     python::enum_<kdlib::ProcessDebugOptions>("ProcessDebugOptions", "Process debug option")
         .value("BreakOnStart", kdlib::ProcessBreakOnStart)
         .value("BreakOnStop", kdlib::ProcessBreakOnStop)
diff --git a/test/scripts/memtest.py b/test/scripts/memtest.py
index a86d232..f06cf49 100644
--- a/test/scripts/memtest.py
+++ b/test/scripts/memtest.py
@@ -182,6 +182,12 @@ class MemoryTest( unittest.TestCase ):
         self.assertTrue( pykd.isValid( target.module.begin() ) )
         self.assertFalse( pykd.isValid( 0 ) )
         self.assertFalse( pykd.isValid( 0xDEADBEAF ) )
+
+    def testVaAttrib(self):
+        self.assertEqual( \
+           (pykd.memoryProtect.PageWriteCopy, pykd.memoryState.Commit, pykd.memoryType.Image), \
+           pykd.getVaAttributes(target.module.begin()) \
+           )
         
     def testPtrList( self ):
         lst = pykd.loadPtrList( target.module.g_listHead )