From 9c29ab904058a9d148cbfbf25de9cec67ab04983 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Rapha=C3=ABl=20M=C3=A9lotte?= Date: Mon, 2 Jun 2025 13:55:55 +0200 Subject: [PATCH 1/2] fridump.py: fix TypeError with recent frida versions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit frida dropped support for enumerateRangesSync, which leads to the following error at runtime: --- Starting Memory dump... /home/rme/builds/fridump/./fridump.py:119: DeprecationWarning: Script.exports will become asynchronous in the future, use the explicit Script.exports_sync instead agent = script.exports Traceback (most recent call last): File "/home/rme/builds/fridump/./fridump.py", line 120, in ranges = agent.enumerate_ranges(PERMS) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/rme/builds/frida-tools/venv/lib/python3.11/site-packages/frida/core.py", line 180, in method return script._rpc_request(request, data, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/rme/builds/frida-tools/venv/lib/python3.11/site-packages/frida/core.py", line 86, in wrapper return f(*args, **kwargs) ^^^^^^^^^^^^^^^^^^ File "/home/rme/builds/frida-tools/venv/lib/python3.11/site-packages/frida/core.py", line 497, in _rpc_request raise result.error frida.core.RPCException: TypeError: not a function at enumerateRanges (/script1.js:5) at call (native) at handleRpcMessage (/frida/runtime/message-dispatcher.js:39) at handleMessage (/frida/runtime/message-dispatcher.js:25) --- Instead, frida now uses 'Process.enumerateRanges()'. See [1] for the current API. It's not clear which exact commit in frida contains this change, but the related internal frida javascript code has been updated in commit 09c8ba45de064c43fb4e20c91b2d4d0dc58edccc ("Modernize internal JavaScript code") which is part of frida-core 16.2.1 onwards. To fix it, switch to enumerateRanges() in fridump. While at it, add a missing newline at the end of the file (done automatically by text editor). [1]: https://frida.re/docs/javascript-api/#process 
Signed-off-by: Raphaël Mélotte
---
 fridump.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fridump.py b/fridump.py
index e9a5dc2..3b81d43 100644
--- a/fridump.py
+++ b/fridump.py
@@ -105,7 +105,7 @@ def MENU():
 rpc.exports = {
 enumerateRanges: function (prot) {
- return Process.enumerateRangesSync(prot);
+ return Process.enumerateRanges(prot);
 },
 readMemory: function (address, size) {
 return Memory.readByteArray(ptr(address), size);
@@ -157,4 +157,4 @@ def MENU():
 utils.strings(f1, DIRECTORY)
 i += 1
 utils.printProgress(i, l, prefix='Progress:', suffix='Complete', bar=50)
-print("Finished!")
\ No newline at end of file
+print("Finished!")
From d879eeeb50c4263f3b9743a60bdd27f87f209ac3 Mon Sep 17 00:00:00 2001 
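Review bot: The switch to `Process.enumerateRanges(prot)` in the `rpc.exports` agent is unconditional, so the script now silently depends on a Frida runtime where the non-Sync call returns the range array directly, and the description itself says the exact version boundary is unclear. A one-line comment above `rpc.exports`, for example `// requires frida >= <MIN_TESTED_VERSION>; enumerateRangesSync was removed upstream`, would record that dependency for whoever next hits a version mismatch. The traceback quoted in the description also shows a DeprecationWarning for `agent = script.exports` at fridump.py:119, which lies outside this hunk and is left unchanged; the warning's own suggestion is `agent = script.exports_sync`. The `rpc.exports` object literal closes outside the hunk.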
From: =?UTF-8?q?Rapha=C3=ABl=20M=C3=A9lotte?= Date: Mon, 2 Jun 2025 14:01:37 +0200 Subject: [PATCH 2/2] fridump: fix type error related to Memory.readByteArray() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Recent frida versions changed the way memory is read. As a result, trying to dump memory using the verbose option with a recent frida version leads to the following error: --- DEBUG:Base Address: 0x2000000 DEBUG: DEBUG:Size: 402653184 DEBUG:Too big, splitting the dump into chunks DEBUG:Number of chunks:19.2 DEBUG:Save bytes: 33554432 till 54525952 DEBUG:[!]TypeError: not a function at readMemory (/script1.js:8) at call (native) at handleRpcMessage (/frida/runtime/message-dispatcher.js:39) at handleMessage (/frida/runtime/message-dispatcher.js:25) Oops, memory access violation! --- Instead of 'Memory.readByteArray()', frida now has 'NativePointer.readByteArray()'. See [1] for the corresponding API. It's not clear which exact commit introduced this change in frida, but the corresponding tests in frida-core have been update in commit 6f8b242eae0a79f4ebb3556cf092fd0ea58017d7 ("Eliminate use of deprecated APIs in tests") which is part of frida-core 16.2.1 onwards. To fix it, switch to using NativePointer.readByteArray in fridump as well. Fixes: https://github.com/Nightbringer21/fridump/issues/45 [1]: https://frida.re/docs/javascript-api/#nativepointer Signed-off-by: Raphaël Mélotte
---
 fridump.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fridump.py b/fridump.py
index 3b81d43..7ceca7b 100644
--- a/fridump.py
+++ b/fridump.py
@@ -108,7 +108,7 @@ def MENU():
 return Process.enumerateRanges(prot);
 },
 readMemory: function (address, size) {
- return Memory.readByteArray(ptr(address), size);
+ return ptr(address).readByteArray(size);
 }
 };
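Review bot: Any exception raised by `ptr(address).readByteArray(size)` in `readMemory` appears to reach the user under the same "Oops, memory access violation!" label, since the log in the description shows a `TypeError: not a function` reported that way. That Python-side handler is outside this diff, but it is why the API removal looked like an unreadable range, and the next agent-side breakage will be masked in the same way. Consider having the caller log the RPC error text at normal verbosity and reserve the access-violation message for actual read faults. In this hunk, a comment such as `// throws on unreadable memory; the caller reports the error` would document the contract.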