TextXtra

LunaHook/engine32/Reallive.cpp

@@ -229,7 +229,7 @@ bool avg3216dattach_function2()
   auto addr = MemDbg::findBytes(pattern2, sizeof(pattern2), processStartAddress, processStopAddress);
   if (addr == 0)
     return false;
-  addr = findfuncstart(addr, 0x200);
+  addr = findfuncstart(addr, 0x200,true);
   if (addr == 0)
     return false;
   HookParam hp;

LunaHook/engine32/Sprite.cpp

@@ -1,6 +1,7 @@
 #include "Sprite.h"
 
-bool Sprite_attach_function() {
+bool Sprite_attach_function()
+{
   // 恋と選挙とチョコレート
   auto m = GetModuleHandle(L"dirapi.dll");
   auto [minAddress, maxAddress] = Util::QueryModuleLimits(m);
@@ -21,23 +22,27 @@ bool Sprite_attach_function() {
       0x8D, 0x45, 0xF4,
       0x50,
       XX,
-    0xE8,XX4
-	};
+      0xE8, XX4};
   auto addr = MemDbg::findBytes(bytes, sizeof(bytes), minAddress, maxAddress);
-  if(addr==0)return false; 
-  if(((*(int*)(addr+22))+addr+22)!=((*(int*)(addr+35))+addr+35))return false;
+  if (addr == 0)
+    return false;
+  if (((*(int *)(addr + 22)) + addr + 22) != ((*(int *)(addr + 35)) + addr + 35))
+    return false;
   HookParam hp;
   hp.address = addr + sizeof(bytes);
   hp.offset = get_reg(regs::eax);
   hp.type = USING_STRING;
   return NewHook(hp, "Sprite");
 }
-namespace{
-  bool _h1(){
+namespace
+{
+  bool _h1()
+  {
     // https://vndb.org/v1714
     //[Selen]はらみこ
     auto FlashAssetx32 = GetModuleHandleW(L"Flash Asset.x32");
-    if(FlashAssetx32==0)return false;
+    if (FlashAssetx32 == 0)
+      return false;
     auto [s, e] = Util::QueryModuleLimits(FlashAssetx32);
     const BYTE bytes[] = {
         0x56, 0x57, 0x6a, 0xff,
@@ -47,7 +52,8 @@ namespace{
         0xff, 0x15, XX4 // MultiByteToWideChar
     };
     auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e);
-    if(addr==0)return false;
+    if (addr == 0)
+      return false;
     HookParam hp;
     hp.address = addr + sizeof(bytes); // 不知道从哪jump到call MultiByteToWideChar的
     hp.offset = get_stack(5);
@@ -60,9 +66,11 @@ namespace{
     return NewHook(hp, "Flash Asset");
   }
 
-  bool _h2(){
+  bool _h2()
+  {
     auto TextXtra = GetModuleHandleW(L"TextXtra.x32");
-    if(TextXtra==0)return false;
+    if (TextXtra == 0)
+      return false;
     auto [s, e] = Util::QueryModuleLimits(TextXtra);
     const BYTE bytes[] = {
         0xff, 0x75, 0x18,
@@ -72,12 +80,13 @@ namespace{
         0xff, 0x75, 0x0c,
         0xe8, XX4,
         0x66, 0x85, 0xc0,
-      0x74
-	  };
+        0x74};
     auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e);
-    if(addr==0)return false;
+    if (addr == 0)
+      return false;
     addr = findfuncstart(addr, 0x100);
-    if(addr==0)return false;
+    if (addr == 0)
+      return false;
     HookParam hp;
     hp.address = addr;
     hp.offset = get_stack(2);
@@ -85,6 +94,52 @@ namespace{
     return NewHook(hp, "TextXtra");
   }
 }
-bool Sprite::attach_function() {
+bool Sprite::attach_function()
+{
   return Sprite_attach_function() | _h1() | _h2();
 }
+namespace
+{
+  bool h3()
+  {
+    // https://vndb.org/v5864
+    // in white
+
+    auto TextXtra = GetModuleHandleW(L"TextXtra.x32");
+    if (TextXtra == 0)
+      return false;
+    auto [s, e] = Util::QueryModuleLimits(TextXtra);
+    // Text Asset.x32->this function
+    const BYTE bytes[] = {
+        //clang-format off
+        0x55, 0x8b, 0xec,
+        0x56,
+        0x8b, 0x75, 0x08,
+        0x8b, 0x46, 0x04,
+        0x66, 0x8b, 0x48, 0x32,
+        0x51,
+        0x6a, 0x00,
+        0xff, 0x75, 0x18,
+        0xff, 0x75, 0x14,
+        0xff, 0x75, 0x10,
+        0xff, 0x75, 0x0c,
+        0xff, 0x70, 0x24,
+        0xe8, XX4,
+        0x66, 0x85, 0xc0,
+        0x74, XX,
+        //clang-format on
+    };
+    auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e);
+    if (addr == 0)
+      return false;
+    HookParam hp;
+    hp.address = addr;
+    hp.offset = get_stack(2);
+    hp.type = USING_STRING;
+    return NewHook(hp, "TextXtra2");
+  }
+}
+bool TextXtra_x32::attach_function()
+{
+  return _h2() || h3();
+}

LunaHook/engine32/Sprite.h

@@ -1,11 +1,27 @@
 
 
-class Sprite:public ENGINE{public:
-    Sprite(){
+class Sprite : public ENGINE
+{
+public:
+    Sprite()
+    {
+        is_engine_certain = false;
+        check_by = CHECK_BY::FILE;
+        check_by_target = L"*.cct";
+    };
+    bool attach_function();
+};
+class TextXtra_x32 : public ENGINE
+{
+
+public:
+    TextXtra_x32()
+    {
         is_engine_certain = false;
         check_by = CHECK_BY::CUSTOM;
-        check_by_target=[](){
-            return Util::CheckFile(L"*.cct");
+        check_by_target = []()
+        {
+            return GetModuleHandle(L"TextXtra.x32");
         };
     };
     bool attach_function();

LunaHook/enginecollection32.cpp

@@ -400,5 +400,6 @@ std::vector<ENGINE *> check_engines()
         new Onscripter,
         new TACTICS,
         new RealliveX,
+        new TextXtra_x32,
     };
 }

LunaHook/main.cc

@@ -101,7 +101,23 @@ void ConsoleOutput(LPCSTR text, ...)
 	vsnprintf(buffer.message, MESSAGE_SIZE, text, args);
 	WriteFile(hookPipe, &buffer, sizeof(buffer), DUMMY, nullptr);
 }
-
+Synchronized<std::unordered_map<uintptr_t, std::wstring>> modulecache;
+std::wstring &querymodule(uintptr_t addr)
+{
+	auto &re = modulecache.Acquire().contents;
+	if (re.find(addr) != re.end())
+		return re.at(addr);
+	WCHAR fn[MAX_PATH];
+	if (GetModuleFileNameW((HMODULE)addr, fn, MAX_PATH))
+	{
+		re[addr] = wcsrchr(fn, L'\\') + 1;
+	}
+	else
+	{
+		re[addr] = L"";
+	}
+	return re[addr];
+}
 void NotifyHookFound(HookParam hp, wchar_t *text)
 {
 	if (hp.jittype == JITTYPE::PC)
@@ -109,10 +125,13 @@ void NotifyHookFound(HookParam hp, wchar_t *text)
 			if (AutoHandle<> process = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, FALSE, GetCurrentProcessId()))
 				if (MEMORY_BASIC_INFORMATION info = {}; VirtualQueryEx(process, (LPCVOID)hp.address, &info, sizeof(info)))
 				{
-
+					auto mm = querymodule((uintptr_t)info.AllocationBase);
+					if (mm.size())
+					{
 						hp.type |= MODULE_OFFSET;
 						hp.address -= (uint64_t)info.AllocationBase;
-					wcsncpy_s(hp.module, processName, ARRAYSIZE(hp.module));
+						wcsncpy_s(hp.module, mm.c_str(), MAX_MODULE_SIZE - 1);
+					}
 				}
 	HookFoundNotif buffer(hp, text);
 	WriteFile(hookPipe, &buffer, sizeof(buffer), DUMMY, nullptr);

LunaHook/util/util.cc

@@ -428,16 +428,21 @@ uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,W
   else
     return MemDbg::findBytes(bytes,sizeof(bytes),start,end);
 }
-uintptr_t findfuncstart(uintptr_t start,uintptr_t range){
+uintptr_t findfuncstart(uintptr_t start,uintptr_t range,bool checkalign){
   const BYTE funcstart[] = {
     0x55,0x8b,0xec
   };
+  if(checkalign){
     start &= ~0xf;
     for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
       if(memcmp((void*)i,funcstart,3)==0)return i;
     }
     return 0;
   }
+  else{
+    return reverseFindBytes(funcstart, sizeof(funcstart), start-range, start);
+  }
+}
 #define buildbytes(ret) auto entry=Util::FindImportEntry(hmodule,addr); \
   if(entry==0)return ret;\
   BYTE bytes[]={XX,XX,XX4};\

LunaHook/util/util.h

@@ -56,7 +56,7 @@ ULONG SafeMatchBytesInGCMemory(LPCVOID pattern, DWORD patternSize);
 std::vector<DWORD> findrelativecall(const BYTE* pattern ,int length,DWORD calladdress,DWORD start, DWORD end);
 std::vector<DWORD> findxref_reverse_checkcallop(DWORD addr, DWORD from, DWORD to,BYTE op) ;
 uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,WORD sig=0x15ff,bool reverse=false);
-uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100);
+uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100, bool checkalign=false);
 uintptr_t findiatcallormov(uintptr_t addr, DWORD hmodule,uintptr_t start, uintptr_t end,bool reverse=false,BYTE movreg=0);
 std::vector<uintptr_t> findiatcallormov_all(uintptr_t addr, DWORD hmodule,uintptr_t start, uintptr_t end,DWORD protect,BYTE movreg=0);