avg3217d

LunaHook/engine32/Reallive.cpp

@@ -177,7 +177,7 @@ bool Reallive::attach_function()
   return true;
 }
 
-bool avg3216d::attach_function()
+bool avg3216dattach_function()
 {
   BYTE pattern1[] = {
       //clang-format off
@@ -209,3 +209,37 @@ bool avg3216d::attach_function()
   // GROWL_DWORD(hp.address);
   return NewHook(hp, "avg3216d");
 }
+
+bool avg3216dattach_function2()
+{
+  // https://vndb.org/v12860
+  // effect～悪魔の仔～
+  BYTE pattern2[] = {
+      //clang-format off
+      0x80, 0xf9, 0x81,
+      0x72, 0x05,
+      0x80, 0xf9, 0x9f,
+      0x76, XX, // 76 17
+      0x80, 0xf9, 0xe0,
+      0x72, 0x05,
+      0x80, 0xf9, 0xfc,
+      0x76, 0x0d,
+      //clang-format on
+  };
+  auto addr = MemDbg::findBytes(pattern2, sizeof(pattern2), processStartAddress, processStopAddress);
+  if (addr == 0)
+    return false;
+  addr = findfuncstart(addr, 0x200);
+  if (addr == 0)
+    return false;
+  HookParam hp;
+  hp.address = addr;
+  hp.offset = get_stack(1);
+  hp.type = USING_STRING;
+  // GROWL_DWORD(hp.address);
+  return NewHook(hp, "avg3217d");
+}
+bool avg3216d::attach_function()
+{
+  return avg3216dattach_function() || avg3216dattach_function2();
+}

LunaHook/util/util.cc

@@ -428,12 +428,15 @@ uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,W
   else
     return MemDbg::findBytes(bytes,sizeof(bytes),start,end);
 }
-uintptr_t findfuncstart(uintptr_t addr,uintptr_t range){
+uintptr_t findfuncstart(uintptr_t start,uintptr_t range){
   const BYTE funcstart[] = {
     0x55,0x8b,0xec
   };
-  addr = reverseFindBytes(funcstart, sizeof(funcstart), addr-range, addr);
-  return addr;
+  start &= ~0xf;
+  for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
+    if(memcmp((void*)i,funcstart,3)==0)return i;
+  }
+  return 0;
 }
 #define buildbytes(ret) auto entry=Util::FindImportEntry(hmodule,addr); \
   if(entry==0)return ret;\