Joseph Doherty
fe2a6db786
rust / build / test / clippy / fmt (push) Has been cancelled
Layout:
- src/ .NET 10 x64 reference: MxNativeCodec, MxNativeClient,
MxAsbClient, probes, tests, harnesses. Executable spec.
- design/ Architectural plan for the Rust port (M0–M6), error
model, protocol invariants, risks (R1–R16), adversarial
review log (review.md).
- rust/ Rust workspace. M0 skeleton + M1 codec parity.
mxaccess-codec: 215 unit tests + 2 cross-implementation
parity tests (byte-identical against .NET reference).
Other crates are M0 stubs awaiting M2+.
- captures/ Frida + netsh + pcap evidence per CLAUDE.md
("captures are evidence, not throwaway logs").
- analysis/ Decompiled C# (frida/proxy/decompiled-*),
Ghidra exports for native DLLs (`exports/` only —
working state at `projects/` and AVEVA's input
binaries at `input/` are gitignored).
- docs/ Reverse-engineering reference docs.
- tools/ Setup-LiveProbeEnv.ps1 (Infisical credential fetcher),
Compute-Crc.ps1 (.NET parity helper).
- .github/workflows/ Rust CI: fmt + build + test + clippy on Windows.
- LICENSE MIT (Joseph Doherty, 2026).
Verified:
- cargo test --workspace → 217 passed (215 unit + 2 .NET parity), 0 failed
- cargo clippy --workspace -- -D warnings → clean
- cargo fmt --all -- --check → clean
- cargo publish --dry-run -p mxaccess-codec → packages cleanly
Excluded from history (see .gitignore):
- **/bin, **/obj, **/target — build artifacts
- analysis/ghidra/projects/ — Ghidra working state (regenerable)
- analysis/ghidra/input/ — AVEVA proprietary DLLs (vendor IP)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1.9 KiB
1.9 KiB
| 1 | capture | tag | type | values | com_variant_type | com_value_carrier | putrequest_size | putrequest_value_offset | putrequest_encoding | transferdata_size | transferdata_value_offset | processdatareceived_size | processdatareceived_value_offset | processdatareceived_encoding | notes |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2 | 023-frida-write-test-int-sequence-109-111 | TestChildObject.TestInt | int | 109,110,111 | VT_I4/0x3 | args[5] int32 | 40 | 18 | int32 little-endian | 86 | 64 | 88 | 84 | int32 little-endian | TransferData offset is 46-byte wrapper plus inner offset 18. |
| 3 | 024-frida-write-test-bool-sequence | TestChildObject.TestBool | bool | true,false,true | VT_BOOL/0xb | args[5] VARIANT_BOOL, true=0xffff false=0x0000 | 37 | 18 | 4-byte slot: true ff ff ff 00, false 00 ff ff 00 | 83 | 64 | 85 | 84 | data-change body final byte: true ff, false 00 | A separate 51-byte status-like ProcessDataReceived body appears after each write; the bool data-change value is in the 85-byte body. |
| 4 | 025-frida-write-test-float-sequence | TestChildObject.TestFloat | float | 1.25,2.5,3.75 | VT_R4/0x4 | args[5] float32 bits | 40 | 18 | float32 little-endian | 86 | 64 | 88 | 84 | float32 little-endian | Same 40-byte write body shape as int with scalar slot retyped. |
| 5 | 026-frida-write-test-double-sequence | TestChildObject.TestDouble | double | 1.125,2.25,4.5 | VT_R8/0x5 | args[5]/args[6] float64 bits | 44 | 18 | float64 little-endian | 90 | 64 | 92 | 84 | float64 little-endian | Body grows by 4 bytes relative to int/float. |
| 6 | 027-frida-write-test-string-sequence | TestChildObject.TestString | string | AlphaMX,BetaMX,GammaMX | VT_BSTR/0x8 | BSTR pointer | 58 or 60 | 26 | UTF-16LE string bytes | 104 or 106 | 72 | 106 or 108 | 92 | UTF-16LE string bytes | Size depends on string length; value starts 8 bytes later than numeric slot. |
| 7 | 028-frida-write-test-datetime-sequence | TestChildObject.TestDateTime | datetime | 2026-04-25T02:30:00,2026-04-25T02:31:00,2026-04-25T02:32:00 | VT_DATE/0x7 | args[5]/args[6] OLE Automation DATE double | 86 | 26 | UTF-16LE display string, e.g. 4/25/2026 2:30:00 AM | 132 | 72 | 98 | 88 | FILETIME little-endian | Outbound datetime is formatted as a string, while callback/update uses FILETIME. |