diff --git a/CMakeLists.txt b/CMakeLists.txt index b16e331..25aa248 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -61,8 +61,8 @@ set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} ${CMAKE_SOURCE_DIR}/version) include(generate_product_version) set(VERSION_MAJOR 3) -set(VERSION_MINOR 15) -set(VERSION_PATCH 1) +set(VERSION_MINOR 16) +set(VERSION_PATCH 0) set(VERSION_REVISION 0) if(BUILD_CORE) diff --git a/LunaHook/CMakeLists.txt b/LunaHook/CMakeLists.txt index 0c2dfb5..d839396 100644 --- a/LunaHook/CMakeLists.txt +++ b/LunaHook/CMakeLists.txt @@ -51,4 +51,4 @@ target_precompile_headers(LunaHook REUSE_FROM pchhook) set_target_properties(LunaHook PROPERTIES OUTPUT_NAME "LunaHook${bitappendix}") -target_link_libraries(LunaHook Version httpapi ws2_32 Shlwapi pch minhook commonengine utils ${YY_Thunks_for_WinXP} ${Detours}) \ No newline at end of file +target_link_libraries(LunaHook Version httpapi ws2_32 Shlwapi pch minhook commonengine utils ${YY_Thunks_for_WinXP}) \ No newline at end of file diff --git a/LunaHook/embed_util.cc b/LunaHook/embed_util.cc index 75d2c4d..7f5345a 100644 --- a/LunaHook/embed_util.cc +++ b/LunaHook/embed_util.cc @@ -1,3 +1,5 @@ +#include "MinHook.h" + DynamicShiftJISCodec *dynamiccodec = new DynamicShiftJISCodec(932); void cast_back(const HookParam &hp, void *data, size_t *len, const std::wstring &trans, bool normal) @@ -72,14 +74,19 @@ bool _1f() return 0; } bool _1 = _1f(); -void ReplaceFunction(PVOID *oldf, PVOID newf) +bool ReplaceFunction(PVOID oldf, PVOID newf, PVOID *pOrigin) { - - RemoveHook((uintptr_t)*oldf); - DetourTransactionBegin(); - DetourUpdateThread(GetCurrentThread()); - DetourAttach((PVOID *)oldf, (PVOID)newf); - DetourTransactionCommit(); + PVOID oldx; + if (!pOrigin) + pOrigin = &oldx; + RemoveHook((uintptr_t)oldf); + if (MH_OK == MH_CreateHook(oldf, newf, pOrigin)) + return MH_OK == MH_EnableHook(oldf); + else + { + MH_RemoveHook(oldf); + return false; + } } void attachFunction(uintptr_t _hook_font_flag) { @@ -89,23 +96,23 @@ void attachFunction(uintptr_t _hook_font_flag) { if (_func.second.attached) continue; - _func.second.attached = true; - *_func.second.oldFunction = _func.second.addr; - replacedfuns.push_back(_func.first); - ReplaceFunction((PVOID *)_func.second.oldFunction, (PVOID)_func.second.newFunction); + + if (ReplaceFunction((PVOID)_func.second.addr, (PVOID)_func.second.newFunction, (PVOID *)_func.second.oldFunction)) + { + _func.second.attached = true; + replacedfuns.push_back(_func.first); + } } } } void detachall() { - DetourTransactionBegin(); - DetourUpdateThread(GetCurrentThread()); for (auto _flag : replacedfuns) { auto info = funcs.at(_flag); - DetourDetach((PVOID *)info.oldFunction, (PVOID)info.newFunction); + if (MH_OK == MH_DisableHook((LPVOID)info.addr)) + MH_RemoveHook((LPVOID)info.addr); } - DetourTransactionCommit(); } void solvefont(HookParam hp) { diff --git a/LunaHook/embed_util.h b/LunaHook/embed_util.h index dca375d..602c966 100644 --- a/LunaHook/embed_util.h +++ b/LunaHook/embed_util.h @@ -28,7 +28,7 @@ namespace Engine }; } inline std::atomic patch_fun = nullptr; -void ReplaceFunction(PVOID *oldf, PVOID newf); +bool ReplaceFunction(PVOID oldf, PVOID newf, PVOID *pOrigin = nullptr); bool check_embed_able(const ThreadParam &tp); bool checktranslatedok(void *data, size_t len); #endif \ No newline at end of file diff --git a/LunaHook/engine32/CatSystem.cpp b/LunaHook/engine32/CatSystem.cpp index 98cee38..cdea079 100644 --- a/LunaHook/engine32/CatSystem.cpp +++ b/LunaHook/engine32/CatSystem.cpp @@ -827,7 +827,7 @@ namespace hp.hook_font = F_GetGlyphOutlineA; patch_fun = []() { - ReplaceFunction((PVOID *)&p, (PVOID)(ULONG)Patch::Private::isLeadByteChar); + ReplaceFunction((PVOID)p, (PVOID)(ULONG)Patch::Private::isLeadByteChar); }; } diff --git a/LunaHook/engine32/LCScript.cpp b/LunaHook/engine32/LCScript.cpp index 57b6144..243604f 100644 --- a/LunaHook/engine32/LCScript.cpp +++ b/LunaHook/engine32/LCScript.cpp @@ -1,1001 +1,1013 @@ -#include"LCScript.h" -namespace { // unnamed -namespace ScenarioHook { -namespace Private { - - // Skip trailing 0203 - LPCSTR trim(LPCSTR text, int *size) +#include "LCScript.h" +namespace +{ // unnamed + namespace ScenarioHook { - auto length = *size; - while (length && (UINT8)text[0] <= 127) { // remove all leading ASCII characters including zeros - text++; - length--; - } - while (length && (UINT8)text[length - 1] == 0) // remove all trailing zeros - length--; - // remove all trailing illegal double-characters - enum { MinimumByte = 0x6 }; // the same as dynamicEncodingMinimumByte - while (length >= 2 && (UINT8)text[length - 1] < MinimumByte && (UINT8)text[length - 2] < MinimumByte) - length -= 2; - *size = length; - return text; - } - - /** - * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ - * - * 067C73FA 8F CD 90 6D 01 81 75 96 7B 93 96 82 C9 82 B1 82 章仁「本当にこ・ - * 067C740A F1 82 C8 82 C6 82 B1 82 EB 82 AA 82 A0 82 E9 82 ネところがある・ - * 067C741A F1 82 BE 82 C8 82 9F 81 63 81 63 81 76 02 03 00 セなぁ……」. - * 067C742A 38 00 00 00 01 81 40 96 DA 82 CC 91 4F 82 C9 8D 8... 目の前に・ - * 067C743A 4C 82 AA 82 E9 8C F5 8C 69 82 F0 91 4F 82 C9 81 Lがる光景を前に・ - * - * Name/scenario splitter: 01 () - * New line splitter: 0203 () - */ - - // 0042FBE8 A1 E8234A00 MOV EAX,DWORD PTR DS:[0x4A23E8] ; jichi: text length here - // - // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text length here - // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here - // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX - // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: offset - // 0042FC1A 8BF8 MOV EDI,EAX - // 0042FC1C 8BC1 MOV EAX,ECX - // 0042FC1E 83C4 04 ADD ESP,0x4 - // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] - - ULONG textBaseAddress_, // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] - textOffset_; // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] - - std::string data_; - - /** - * Sample game: 姦獄学園 - * Sample stack when hook1 is invoked: - * 0012FE10 00000003 - * 0012FE14 00000008 - * 0012FE18 7FFDF000 - * 0012FE1C 00000000 - * 0012FE20 00000000 - * 0012FE24 0012FEB0 Pointer to next SEH record - * 0012FE28 00480918 SE handler - * 0012FE2C 00000000 - * 0012FE30 00419B16 RETURN to .00419B16 from .0040169F - * 0012FE34 0012FE4C - * 0012FE38 0012FE70 - * 0012FE3C 00000040 - * 0012FE40 77032EB2 user32.PeekMessageA - * 0012FE44 00000000 - * 0012FE48 00000039 - * 0012FE4C 00000002 - * 0012FE50 00000039 - * 0012FE54 00000000 - * 0012FE58 00000000 - * - * Scenario thread caller: - * - * 0041C27C E8 D65AFEFF CALL .00401D57 - * 0041C281 8D5424 38 LEA EDX,DWORD PTR SS:[ESP+0x38] - * 0041C285 68 00040000 PUSH 0x400 - * 0041C28A 8D4424 34 LEA EAX,DWORD PTR SS:[ESP+0x34] - * 0041C28E 52 PUSH EDX - * 0041C28F 50 PUSH EAX - * 0041C290 E8 2354FEFF CALL .004016B8 ; jichi: scenario caller here - * 0041C295 83C4 0C ADD ESP,0xC - * 0041C298 8D4C24 38 LEA ECX,DWORD PTR SS:[ESP+0x38] - * 0041C29C 8B15 B44E4A00 MOV EDX,DWORD PTR DS:[0x4A4EB4] - * 0041C2A2 51 PUSH ECX - * 0041C2A3 8B0D 5C0A4A00 MOV ECX,DWORD PTR DS:[0x4A0A5C] - * 0041C2A9 8BC1 MOV EAX,ECX - * - * Other thread callers: - * - * 00421298 8D8424 B0000000 LEA EAX,DWORD PTR SS:[ESP+0xB0] - * 0042129F 50 PUSH EAX - * 004212A0 51 PUSH ECX - * 004212A1 895424 2C MOV DWORD PTR SS:[ESP+0x2C],EDX - * 004212A5 E8 0E04FEFF CALL .004016B8 ; jichi: other caller - * 004212AA 8D5424 38 LEA EDX,DWORD PTR SS:[ESP+0x38] - * 004212AE 68 80000000 PUSH 0x80 - * 004212B3 8D4424 24 LEA EAX,DWORD PTR SS:[ESP+0x24] - * 004212B7 52 PUSH EDX - * 004212B8 50 PUSH EAX - * 004212B9 E8 FA03FEFF CALL .004016B8 ; jichi: other here - * 004212BE 83C4 18 ADD ESP,0x18 - * 004212C1 83FF 01 CMP EDI,0x1 - * 004212C4 75 68 JNZ SHORT .0042132E - * - * - * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ - * Sample scenario caller: - * 0041C0C4 8D4424 38 LEA EAX,DWORD PTR SS:[ESP+0x38] - * 0041C0C8 68 00040000 PUSH 0x400 - * 0041C0CD 8D4C24 34 LEA ECX,DWORD PTR SS:[ESP+0x34] - * 0041C0D1 50 PUSH EAX - * 0041C0D2 51 PUSH ECX - * 0041C0D3 E8 C755FEFF CALL .0040169F ; jichi: called here - * 0041C0D8 8B0D 4CE94900 MOV ECX,DWORD PTR DS:[0x49E94C] - * 0041C0DE 8B35 00244A00 MOV ESI,DWORD PTR DS:[0x4A2400] - * 0041C0E4 8BC1 MOV EAX,ECX - * 0041C0E6 83C4 0C ADD ESP,0xC - * - * 0012FA54 00000001 - * 0012FA58 00000006 - * 0012FA5C 7707EA71 user32.MessageBoxA - * 0012FA60 00000000 - * 0012FA64 00000000 - * 0012FA68 0012FF78 Pointer to next SEH record - * 0012FA6C 00480918 SE handler - * 0012FA70 00000000 - * 0012FA74 0041C0D8 RETURN to .0041C0D8 from .0040169F - * 0012FA78 0012FAB4 - * 0012FA7C 0012FABC - * 0012FA80 00000400 ; jichi: used as split to identify scenario thread - * 0012FA84 00000003 - * 0012FA88 77032EB2 user32.PeekMessageA - * 0012FA8C 77033569 user32.DispatchMessageA - * 0012FA90 7FFDF000 - * 0012FA94 00000000 - * 0012FA98 00000000 - * - * Other thread caller: - * 0012FD60 00000001 - * 0012FD64 00000001 - * 0012FD68 7FFDF000 - * 0012FD6C 00000000 - * 0012FD70 00000000 - * 0012FD74 0012FF78 Pointer to next SEH record - * 0012FD78 00480918 SE handler - * 0012FD7C 00000000 - * 0012FD80 0042113A RETURN to .0042113A from .0040169F - * 0012FD84 0012FDAC - * 0012FD88 0012FE3C - * 0012FD8C 00000080 ; jichi: arg3 - * 0012FD90 00000003 - * 0012FD94 77032EB2 user32.PeekMessageA - * 0012FD98 77033569 user32.DispatchMessageA - * 0012FD9C 00000002 - * 0012FDA0 00000034 - * 0012FDA4 00000002 - * 0012FDA8 0000006D - * 0012FDAC 00000002 - * 0012FDB0 00000034 - * 0012FDB4 00000000 - * 0012FDB8 00000001 - * 0012FDBC 001907D0 - * 0012FDC0 00000202 - * - * Sample game: 恋姫†無双 - * ecx = 0x22 - * Sample game text containing zeros - * 01D6B13B 8E A9 8C 52 81 41 05 04 00 00 00 01 81 40 81 40 自軍、...   - * 01D6B14B 81 40 91 CE 01 93 47 8C 52 81 41 05 05 00 00 00  対敵軍、... - * 01D6B15B 02 00 14 00 00 00 5F 62 74 6C 5F 53 65 74 57 61 ...._btl_SetWa - * 01D6B16B 7A 61 42 74 6E 53 72 63 59 00 0D 00 00 00 5F 62 zaBtnSrcY....._b - * 01D6B17B 74 6C 5F 63 6D 64 63 68 69 70 00 0F 00 00 00 5F tl_cmdchip...._ - * 01D6B18B 62 74 6C 5F 63 6D 64 63 68 69 70 5F 6D 00 0D 00 btl_cmdchip_m... - * 01D6B19B 00 00 5F 62 74 6C 5F 6F 6E 6D 6F 75 73 65 00 0E .._btl_onmouse. - * 01D6B1AB 00 00 00 5F 62 74 6C 5F 73 65 6C 65 63 74 65 64 ..._btl_selected - * 01D6B1BB 00 0B 00 00 00 5F 62 74 6C 5F 52 65 74 72 79 00 . ..._btl_Retry. - * 01D6B1CB 13 00 00 00 5F 62 74 6C 5F 43 6C 65 61 6E 75 70 ..._btl_Cleanup - * - * ecx = 0x19 - * 01D6B317 81 40 04 6B 00 00 00 82 CC 91 B9 8A 51 82 F0 97  k...の損害を・ - * 01D6B327 5E 82 A6 82 BD 81 42 02 00 10 00 00 00 5F 62 74 ^えた。...._bt - * 01D6B337 6C 5F 57 61 7A 61 5F 43 68 6F 75 6E 00 17 00 00 l_Waza_Choun... - * 01D6B347 00 5F 62 74 6C 5F 57 61 7A 61 45 6E 65 6D 79 5F ._btl_WazaEnemy_ - * 01D6B357 42 75 66 66 41 54 4B 00 10 00 00 00 5F 62 74 6C BuffATK...._btl - * 01D6B367 5F 57 61 7A 61 5F 4B 6F 63 68 75 00 1C 00 00 00 _Waza_Kochu.... - */ - - bool hook1(hook_stack*s,void* data, size_t* len1,uintptr_t*role) - { - data_.clear(); - - int size = s->eax - 1; - if (size <= 0) - return false; - - // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here - // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here - // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] - // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX - // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: base addr, [[0x4A23E8] + 0x2944] - // 0042FC1A 8BF8 MOV EDI,EAX - // 0042FC1C 8BC1 MOV EAX,ECX - // 0042FC1E 83C4 04 ADD ESP,0x4 - // - // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: hook2, text in esi - - ULONG edx, esi; + namespace Private { - edx = *(DWORD *)textBaseAddress_; // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] - edx = *(DWORD *)(edx + textOffset_); // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] - esi = *(DWORD *)(s->esi + 0x4); // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - esi = edx + esi + 0x4; // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] - } - auto text = (LPCSTR)esi; - if (!*text - //|| ::strlen(text) != size - || text[size] // text length not verified since there could be trailing zeros - || ::isalpha(text[0]) && ::isalpha(text[1]) // Sample system text in 恋姫無双: bcg_剣道場a - ||all_ascii(text)) - return false; + // Skip trailing 0203 + LPCSTR trim(LPCSTR text, int *size) + { + auto length = *size; + while (length && (UINT8)text[0] <= 127) + { // remove all leading ASCII characters including zeros + text++; + length--; + } + while (length && (UINT8)text[length - 1] == 0) // remove all trailing zeros + length--; + // remove all trailing illegal double-characters + enum + { + MinimumByte = 0x6 + }; // the same as dynamicEncodingMinimumByte + while (length >= 2 && (UINT8)text[length - 1] < MinimumByte && (UINT8)text[length - 2] < MinimumByte) + length -= 2; + *size = length; + return text; + } - auto trimmedSize = size; - auto trimmedText = trim(text, &trimmedSize); - if (trimmedSize <= 0) - return false; + /** + * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ + * + * 067C73FA 8F CD 90 6D 01 81 75 96 7B 93 96 82 C9 82 B1 82 章仁「本当にこ・ + * 067C740A F1 82 C8 82 C6 82 B1 82 EB 82 AA 82 A0 82 E9 82 ネところがある・ + * 067C741A F1 82 BE 82 C8 82 9F 81 63 81 63 81 76 02 03 00 セなぁ……」. + * 067C742A 38 00 00 00 01 81 40 96 DA 82 CC 91 4F 82 C9 8D 8... 目の前に・ + * 067C743A 4C 82 AA 82 E9 8C F5 8C 69 82 F0 91 4F 82 C9 81 Lがる光景を前に・ + * + * Name/scenario splitter: 01 () + * New line splitter: 0203 () + */ - //auto size = s->ecx * 4; - //auto dst = (LPSTR)s->edi; - * role = Engine::OtherRole; - auto retaddr = s->stack[8]; - //if ((*(DWORD *)retaddr & 0xffffff) == 0x0cc483) // 0041C295 83C4 0C ADD ESP,0xC - // role = Engine::ScenarioRole; - auto arg3 = s->stack[8 + 3]; - if (arg3 == 0x400) - *role = Engine::ScenarioRole; - // 8/7/2015: Here, I could also split choice and scenario from the retaddr. - // But I didn't so that choice can also be display the same way asn scenario. - //sig = retaddr; + // 0042FBE8 A1 E8234A00 MOV EAX,DWORD PTR DS:[0x4A23E8] ; jichi: text length here + // + // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text length here + // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here + // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX + // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: offset + // 0042FC1A 8BF8 MOV EDI,EAX + // 0042FC1C 8BC1 MOV EAX,ECX + // 0042FC1E 83C4 04 ADD ESP,0x4 + // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] - std::string oldData(trimmedText, trimmedSize); + ULONG textBaseAddress_, // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] + textOffset_; // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] - static const std::string zero_bytes(1, '\0'); - const char *zero_str = LCSE_0; + std::string data_; - bool containsZeros = false; - if (oldData.find('\0')!=oldData.npos) { - containsZeros = true; - strReplace(oldData, zero_bytes, zero_str); - //oldData.replace(zero_bytes, zero_str); - *role = Engine::OtherRole; - // FIXME: There could be individual ascii letters before zeros (such as "k" and "n") - // They should be escaped here. - // Escaping not implemented since I am lazy. - } - write_string_overwrite(data,len1,oldData); - return true; - } - void hookafter(hook_stack*s,void* data, size_t len1){ - - int size = s->eax - 1; - if (size <= 0) - return ; + /** + * Sample game: 姦獄学園 + * Sample stack when hook1 is invoked: + * 0012FE10 00000003 + * 0012FE14 00000008 + * 0012FE18 7FFDF000 + * 0012FE1C 00000000 + * 0012FE20 00000000 + * 0012FE24 0012FEB0 Pointer to next SEH record + * 0012FE28 00480918 SE handler + * 0012FE2C 00000000 + * 0012FE30 00419B16 RETURN to .00419B16 from .0040169F + * 0012FE34 0012FE4C + * 0012FE38 0012FE70 + * 0012FE3C 00000040 + * 0012FE40 77032EB2 user32.PeekMessageA + * 0012FE44 00000000 + * 0012FE48 00000039 + * 0012FE4C 00000002 + * 0012FE50 00000039 + * 0012FE54 00000000 + * 0012FE58 00000000 + * + * Scenario thread caller: + * + * 0041C27C E8 D65AFEFF CALL .00401D57 + * 0041C281 8D5424 38 LEA EDX,DWORD PTR SS:[ESP+0x38] + * 0041C285 68 00040000 PUSH 0x400 + * 0041C28A 8D4424 34 LEA EAX,DWORD PTR SS:[ESP+0x34] + * 0041C28E 52 PUSH EDX + * 0041C28F 50 PUSH EAX + * 0041C290 E8 2354FEFF CALL .004016B8 ; jichi: scenario caller here + * 0041C295 83C4 0C ADD ESP,0xC + * 0041C298 8D4C24 38 LEA ECX,DWORD PTR SS:[ESP+0x38] + * 0041C29C 8B15 B44E4A00 MOV EDX,DWORD PTR DS:[0x4A4EB4] + * 0041C2A2 51 PUSH ECX + * 0041C2A3 8B0D 5C0A4A00 MOV ECX,DWORD PTR DS:[0x4A0A5C] + * 0041C2A9 8BC1 MOV EAX,ECX + * + * Other thread callers: + * + * 00421298 8D8424 B0000000 LEA EAX,DWORD PTR SS:[ESP+0xB0] + * 0042129F 50 PUSH EAX + * 004212A0 51 PUSH ECX + * 004212A1 895424 2C MOV DWORD PTR SS:[ESP+0x2C],EDX + * 004212A5 E8 0E04FEFF CALL .004016B8 ; jichi: other caller + * 004212AA 8D5424 38 LEA EDX,DWORD PTR SS:[ESP+0x38] + * 004212AE 68 80000000 PUSH 0x80 + * 004212B3 8D4424 24 LEA EAX,DWORD PTR SS:[ESP+0x24] + * 004212B7 52 PUSH EDX + * 004212B8 50 PUSH EAX + * 004212B9 E8 FA03FEFF CALL .004016B8 ; jichi: other here + * 004212BE 83C4 18 ADD ESP,0x18 + * 004212C1 83FF 01 CMP EDI,0x1 + * 004212C4 75 68 JNZ SHORT .0042132E + * + * + * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ + * Sample scenario caller: + * 0041C0C4 8D4424 38 LEA EAX,DWORD PTR SS:[ESP+0x38] + * 0041C0C8 68 00040000 PUSH 0x400 + * 0041C0CD 8D4C24 34 LEA ECX,DWORD PTR SS:[ESP+0x34] + * 0041C0D1 50 PUSH EAX + * 0041C0D2 51 PUSH ECX + * 0041C0D3 E8 C755FEFF CALL .0040169F ; jichi: called here + * 0041C0D8 8B0D 4CE94900 MOV ECX,DWORD PTR DS:[0x49E94C] + * 0041C0DE 8B35 00244A00 MOV ESI,DWORD PTR DS:[0x4A2400] + * 0041C0E4 8BC1 MOV EAX,ECX + * 0041C0E6 83C4 0C ADD ESP,0xC + * + * 0012FA54 00000001 + * 0012FA58 00000006 + * 0012FA5C 7707EA71 user32.MessageBoxA + * 0012FA60 00000000 + * 0012FA64 00000000 + * 0012FA68 0012FF78 Pointer to next SEH record + * 0012FA6C 00480918 SE handler + * 0012FA70 00000000 + * 0012FA74 0041C0D8 RETURN to .0041C0D8 from .0040169F + * 0012FA78 0012FAB4 + * 0012FA7C 0012FABC + * 0012FA80 00000400 ; jichi: used as split to identify scenario thread + * 0012FA84 00000003 + * 0012FA88 77032EB2 user32.PeekMessageA + * 0012FA8C 77033569 user32.DispatchMessageA + * 0012FA90 7FFDF000 + * 0012FA94 00000000 + * 0012FA98 00000000 + * + * Other thread caller: + * 0012FD60 00000001 + * 0012FD64 00000001 + * 0012FD68 7FFDF000 + * 0012FD6C 00000000 + * 0012FD70 00000000 + * 0012FD74 0012FF78 Pointer to next SEH record + * 0012FD78 00480918 SE handler + * 0012FD7C 00000000 + * 0012FD80 0042113A RETURN to .0042113A from .0040169F + * 0012FD84 0012FDAC + * 0012FD88 0012FE3C + * 0012FD8C 00000080 ; jichi: arg3 + * 0012FD90 00000003 + * 0012FD94 77032EB2 user32.PeekMessageA + * 0012FD98 77033569 user32.DispatchMessageA + * 0012FD9C 00000002 + * 0012FDA0 00000034 + * 0012FDA4 00000002 + * 0012FDA8 0000006D + * 0012FDAC 00000002 + * 0012FDB0 00000034 + * 0012FDB4 00000000 + * 0012FDB8 00000001 + * 0012FDBC 001907D0 + * 0012FDC0 00000202 + * + * Sample game: 恋姫†無双 + * ecx = 0x22 + * Sample game text containing zeros + * 01D6B13B 8E A9 8C 52 81 41 05 04 00 00 00 01 81 40 81 40 自軍、...   + * 01D6B14B 81 40 91 CE 01 93 47 8C 52 81 41 05 05 00 00 00  対敵軍、... + * 01D6B15B 02 00 14 00 00 00 5F 62 74 6C 5F 53 65 74 57 61 ...._btl_SetWa + * 01D6B16B 7A 61 42 74 6E 53 72 63 59 00 0D 00 00 00 5F 62 zaBtnSrcY....._b + * 01D6B17B 74 6C 5F 63 6D 64 63 68 69 70 00 0F 00 00 00 5F tl_cmdchip...._ + * 01D6B18B 62 74 6C 5F 63 6D 64 63 68 69 70 5F 6D 00 0D 00 btl_cmdchip_m... + * 01D6B19B 00 00 5F 62 74 6C 5F 6F 6E 6D 6F 75 73 65 00 0E .._btl_onmouse. + * 01D6B1AB 00 00 00 5F 62 74 6C 5F 73 65 6C 65 63 74 65 64 ..._btl_selected + * 01D6B1BB 00 0B 00 00 00 5F 62 74 6C 5F 52 65 74 72 79 00 . ..._btl_Retry. + * 01D6B1CB 13 00 00 00 5F 62 74 6C 5F 43 6C 65 61 6E 75 70 ..._btl_Cleanup + * + * ecx = 0x19 + * 01D6B317 81 40 04 6B 00 00 00 82 CC 91 B9 8A 51 82 F0 97  k...の損害を・ + * 01D6B327 5E 82 A6 82 BD 81 42 02 00 10 00 00 00 5F 62 74 ^えた。...._bt + * 01D6B337 6C 5F 57 61 7A 61 5F 43 68 6F 75 6E 00 17 00 00 l_Waza_Choun... + * 01D6B347 00 5F 62 74 6C 5F 57 61 7A 61 45 6E 65 6D 79 5F ._btl_WazaEnemy_ + * 01D6B357 42 75 66 66 41 54 4B 00 10 00 00 00 5F 62 74 6C BuffATK...._btl + * 01D6B367 5F 57 61 7A 61 5F 4B 6F 63 68 75 00 1C 00 00 00 _Waza_Kochu.... + */ - ULONG edx, esi; + bool hook1(hook_stack *s, void *data, size_t *len1, uintptr_t *role) + { + data_.clear(); + + int size = s->eax - 1; + if (size <= 0) + return false; + + // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here + // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here + // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] + // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX + // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: base addr, [[0x4A23E8] + 0x2944] + // 0042FC1A 8BF8 MOV EDI,EAX + // 0042FC1C 8BC1 MOV EAX,ECX + // 0042FC1E 83C4 04 ADD ESP,0x4 + // + // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: hook2, text in esi + + ULONG edx, esi; + { + edx = *(DWORD *)textBaseAddress_; // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] + edx = *(DWORD *)(edx + textOffset_); // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] + esi = *(DWORD *)(s->esi + 0x4); // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + esi = edx + esi + 0x4; // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] + } + + auto text = (LPCSTR)esi; + if (!*text + //|| ::strlen(text) != size + || text[size] // text length not verified since there could be trailing zeros + || ::isalpha(text[0]) && ::isalpha(text[1]) // Sample system text in 恋姫無双: bcg_剣道場a + || all_ascii(text)) + return false; + + auto trimmedSize = size; + auto trimmedText = trim(text, &trimmedSize); + if (trimmedSize <= 0) + return false; + + // auto size = s->ecx * 4; + // auto dst = (LPSTR)s->edi; + *role = Engine::OtherRole; + auto retaddr = s->stack[8]; + // if ((*(DWORD *)retaddr & 0xffffff) == 0x0cc483) // 0041C295 83C4 0C ADD ESP,0xC + // role = Engine::ScenarioRole; + auto arg3 = s->stack[8 + 3]; + if (arg3 == 0x400) + *role = Engine::ScenarioRole; + // 8/7/2015: Here, I could also split choice and scenario from the retaddr. + // But I didn't so that choice can also be display the same way asn scenario. + // sig = retaddr; + + std::string oldData(trimmedText, trimmedSize); + + static const std::string zero_bytes(1, '\0'); + const char *zero_str = LCSE_0; + + bool containsZeros = false; + if (oldData.find('\0') != oldData.npos) + { + containsZeros = true; + strReplace(oldData, zero_bytes, zero_str); + // oldData.replace(zero_bytes, zero_str); + *role = Engine::OtherRole; + // FIXME: There could be individual ascii letters before zeros (such as "k" and "n") + // They should be escaped here. + // Escaping not implemented since I am lazy. + } + write_string_overwrite(data, len1, oldData); + return true; + } + void hookafter(hook_stack *s, void *data, size_t len1) + { + + int size = s->eax - 1; + if (size <= 0) + return; + + ULONG edx, esi; + { + edx = *(DWORD *)textBaseAddress_; // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] + edx = *(DWORD *)(edx + textOffset_); // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] + esi = *(DWORD *)(s->esi + 0x4); // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + esi = edx + esi + 0x4; // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] + } + + auto text = (LPCSTR)esi; + if (!*text + //|| ::strlen(text) != size + || text[size] // text length not verified since there could be trailing zeros + || ::isalpha(text[0]) && ::isalpha(text[1]) // Sample system text in 恋姫無双: bcg_剣道場a + || all_ascii(text)) + return; + + auto trimmedSize = size; + auto trimmedText = trim(text, &trimmedSize); + if (trimmedSize <= 0) + return; + + auto retaddr = s->stack[8]; + // if ((*(DWORD *)retaddr & 0xffffff) == 0x0cc483) // 0041C295 83C4 0C ADD ESP,0xC + // role = Engine::ScenarioRole; + auto arg3 = s->stack[8 + 3]; + + std::string oldData(trimmedText, trimmedSize); + + static const std::string zero_bytes(1, '\0'); + const char *zero_str = LCSE_0; + + bool containsZeros = false; + if (oldData.find('\0') != oldData.npos) + { + containsZeros = true; + strReplace(oldData, zero_bytes, zero_str); + // oldData.replace(zero_bytes, zero_str); + + // FIXME: There could be individual ascii letters before zeros (such as "k" and "n") + // They should be escaped here. + // Escaping not implemented since I am lazy. + } + std::string newData = std::string((char *)data, len1); + if (newData.empty() || newData == oldData) + return; + + if (containsZeros) + strReplace(newData, zero_str, zero_bytes); + // newData.replace(zero_str, zero_bytes); + + int prefixSize = trimmedText - text, + suffixSize = size - prefixSize - trimmedSize; + if (prefixSize) + newData.insert(0, std::string(text, prefixSize)); + if (suffixSize) + newData.append(trimmedText + trimmedSize, suffixSize); + + data_ = newData; + s->eax = data_.size() + 1; + return; + } + bool hook2(hook_stack *s, void *data, size_t *len1, uintptr_t *role) + { + if (!data_.empty()) + s->esi = (ULONG)data_.c_str(); + return false; + } + } // namespace Private + + /** + * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ + * + * 0042FB1E CC INT3 + * 0042FB1F CC INT3 + * 0042FB20 6A FF PUSH -0x1 + * 0042FB22 68 18094800 PUSH lcsebody.00480918 + * 0042FB27 64:A1 00000000 MOV EAX,DWORD PTR FS:[0] + * 0042FB2D 50 PUSH EAX + * 0042FB2E 64:8925 00000000 MOV DWORD PTR FS:[0],ESP + * 0042FB35 83EC 08 SUB ESP,0x8 + * 0042FB38 53 PUSH EBX + * 0042FB39 33DB XOR EBX,EBX + * 0042FB3B 56 PUSH ESI + * 0042FB3C 57 PUSH EDI + * 0042FB3D 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX + * 0042FB41 895C24 10 MOV DWORD PTR SS:[ESP+0x10],EBX + * 0042FB45 8B7424 24 MOV ESI,DWORD PTR SS:[ESP+0x24] ; jichi; arg1 + * 0042FB49 895C24 1C MOV DWORD PTR SS:[ESP+0x1C],EBX + * 0042FB4D 8B06 MOV EAX,DWORD PTR DS:[ESI] + * 0042FB4F 83F8 05 CMP EAX,0x5 + * 0042FB52 75 2F JNZ SHORT lcsebody.0042FB83 + * 0042FB54 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 0042FB57 8B3D E8234A00 MOV EDI,DWORD PTR DS:[0x4A23E8] + * 0042FB5D 3BF3 CMP ESI,EBX + * 0042FB5F 7C 08 JL SHORT lcsebody.0042FB69 + * 0042FB61 39B7 54290000 CMP DWORD PTR DS:[EDI+0x2954],ESI + * 0042FB67 7F 12 JG SHORT lcsebody.0042FB7B + * 0042FB69 53 PUSH EBX + * 0042FB6A 68 20F54800 PUSH lcsebody.0048F520 ; ASCII "err" + * 0042FB6F 68 F4F44800 PUSH lcsebody.0048F4F4 + * 0042FB74 53 PUSH EBX + * 0042FB75 FF15 EC874A00 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; user32.MessageBoxA + * 0042FB7B 8B87 74290000 MOV EAX,DWORD PTR DS:[EDI+0x2974] + * 0042FB81 EB 32 JMP SHORT lcsebody.0042FBB5 + * 0042FB83 83F8 08 CMP EAX,0x8 ; jichi: esi=arg1 jumped here + * 0042FB86 75 57 JNZ SHORT lcsebody.0042FBDF + * 0042FB88 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 0042FB8B 8B3D E8234A00 MOV EDI,DWORD PTR DS:[0x4A23E8] + * 0042FB91 3BF3 CMP ESI,EBX + * 0042FB93 7C 08 JL SHORT lcsebody.0042FB9D + * 0042FB95 39B7 60290000 CMP DWORD PTR DS:[EDI+0x2960],ESI + * 0042FB9B 7F 12 JG SHORT lcsebody.0042FBAF + * 0042FB9D 53 PUSH EBX + * 0042FB9E 68 20F54800 PUSH lcsebody.0048F520 ; ASCII "err" + * 0042FBA3 68 F4F44800 PUSH lcsebody.0048F4F4 + * 0042FBA8 53 PUSH EBX + * 0042FBA9 FF15 EC874A00 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; user32.MessageBoxA + * 0042FBAF 8B87 80290000 MOV EAX,DWORD PTR DS:[EDI+0x2980] + * 0042FBB5 8D34F0 LEA ESI,DWORD PTR DS:[EAX+ESI*8] + * 0042FBB8 8B06 MOV EAX,DWORD PTR DS:[ESI] + * 0042FBBA 50 PUSH EAX + * 0042FBBB 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX + * 0042FBBF E8 5E840000 CALL lcsebody.00438022 + * 0042FBC4 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] + * 0042FBC8 83C4 04 ADD ESP,0x4 + * 0042FBCB 8BD1 MOV EDX,ECX + * 0042FBCD 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX + * 0042FBD1 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 0042FBD4 8BF8 MOV EDI,EAX + * 0042FBD6 C1E9 02 SHR ECX,0x2 + * 0042FBD9 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS> + * 0042FBDB 8BCA MOV ECX,EDX + * 0042FBDD EB 4D JMP SHORT lcsebody.0042FC2C + * 0042FBDF 83F8 02 CMP EAX,0x2 ; jichi: esi=arg1 jumped here + * 0042FBE2 0F85 A2000000 JNZ lcsebody.0042FC8A + * 0042FBE8 A1 E8234A00 MOV EAX,DWORD PTR DS:[0x4A23E8] ; jichi: text length here + * 0042FBED 8B56 04 MOV EDX,DWORD PTR DS:[ESI+0x4] + * 0042FBF0 8B88 44290000 MOV ECX,DWORD PTR DS:[EAX+0x2944] + * 0042FBF6 8B0411 MOV EAX,DWORD PTR DS:[ECX+EDX] + * + * 0042FBF9 50 PUSH EAX ; jichi: hook1, text length pushed, new function + * 0042FBFA 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX ; jichi: text length, is this the memory allocation + * 0042FBFE E8 1F840000 CALL lcsebody.00438022 + * + * 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here + * 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here + * 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] + * 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX + * 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: base addr, [[0x4A23E8] + 0x2944] + * 0042FC1A 8BF8 MOV EDI,EAX + * 0042FC1C 8BC1 MOV EAX,ECX + * 0042FC1E 83C4 04 ADD ESP,0x4 + * + * 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: hook2, text in esi + * 0042FC25 C1E9 02 SHR ECX,0x2 ; jichi: ecx is now the count, here, the rep function is blocked by 4 for performance + * 0042FC28 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS[ESI] ; jichi: text accessed here from esi to edi + * + * 0042FC2A 8BC8 MOV ECX,EAX + * 0042FC2C 8B5424 28 MOV EDX,DWORD PTR SS:[ESP+0x28] + * 0042FC30 83E1 03 AND ECX,0x3 + * 0042FC33 F3:A4 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] + * 0042FC35 8B4C24 2C MOV ECX,DWORD PTR SS:[ESP+0x2C] + * 0042FC39 8D4424 0C LEA EAX,DWORD PTR SS:[ESP+0xC] + * 0042FC3D 51 PUSH ECX + * 0042FC3E 52 PUSH EDX + * 0042FC3F 50 PUSH EAX + * 0042FC40 E8 AB14FDFF CALL lcsebody.004010F0 + * 0042FC45 83C4 0C ADD ESP,0xC + * 0042FC48 C74424 1C FFFFFF>MOV DWORD PTR SS:[ESP+0x1C],-0x1 + * 0042FC50 84C0 TEST AL,AL + * 0042FC52 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+0x10] + * 0042FC56 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX + * 0042FC5A 74 21 JE SHORT lcsebody.0042FC7D + * 0042FC5C 3BC3 CMP EAX,EBX + * 0042FC5E 74 09 JE SHORT lcsebody.0042FC69 + * 0042FC60 50 PUSH EAX + * 0042FC61 E8 467E0000 CALL lcsebody.00437AAC + * 0042FC66 83C4 04 ADD ESP,0x4 + * 0042FC69 5F POP EDI + * 0042FC6A 5E POP ESI + * 0042FC6B B0 01 MOV AL,0x1 + * 0042FC6D 5B POP EBX + * 0042FC6E 8B4C24 08 MOV ECX,DWORD PTR SS:[ESP+0x8] + * 0042FC72 64:890D 00000000 MOV DWORD PTR FS:[0],ECX + * 0042FC79 83C4 14 ADD ESP,0x14 + * 0042FC7C C3 RETN + * 0042FC7D 3BC3 CMP EAX,EBX + * 0042FC7F 74 09 JE SHORT lcsebody.0042FC8A + * 0042FC81 50 PUSH EAX + * 0042FC82 E8 257E0000 CALL lcsebody.00437AAC + * 0042FC87 83C4 04 ADD ESP,0x4 + * 0042FC8A 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+0x14] + * 0042FC8E 5F POP EDI + * 0042FC8F 5E POP ESI + * 0042FC90 32C0 XOR AL,AL + * 0042FC92 5B POP EBX + * 0042FC93 64:890D 00000000 MOV DWORD PTR FS:[0],ECX + * 0042FC9A 83C4 14 ADD ESP,0x14 + * 0042FC9D C3 RETN + * 0042FC9E 90 NOP + * 0042FC9F 90 NOP + * 0042FCA0 CC INT3 + * 0042FCA1 CC INT3 + * 0042FCA2 CC INT3 + * 0042FCA3 CC INT3 + * 0042FCA4 CC INT3 + * 0042FCA5 CC INT3 + * 0042FCA6 CC INT3 + * + * Sample game: 姦獄学園 + * + * 00430CAB CC INT3 + * 00430CAC CC INT3 + * 00430CAD CC INT3 + * 00430CAE CC INT3 + * 00430CAF CC INT3 + * 00430CB0 6A FF PUSH -0x1 + * 00430CB2 68 08204800 PUSH .00482008 + * 00430CB7 64:A1 00000000 MOV EAX,DWORD PTR FS:[0] + * 00430CBD 50 PUSH EAX + * 00430CBE 64:8925 00000000 MOV DWORD PTR FS:[0],ESP + * 00430CC5 83EC 08 SUB ESP,0x8 + * 00430CC8 53 PUSH EBX + * 00430CC9 33DB XOR EBX,EBX + * 00430CCB 56 PUSH ESI + * 00430CCC 57 PUSH EDI + * 00430CCD 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX + * 00430CD1 895C24 10 MOV DWORD PTR SS:[ESP+0x10],EBX + * 00430CD5 8B7424 24 MOV ESI,DWORD PTR SS:[ESP+0x24] + * 00430CD9 895C24 1C MOV DWORD PTR SS:[ESP+0x1C],EBX + * 00430CDD 8B06 MOV EAX,DWORD PTR DS:[ESI] + * 00430CDF 83F8 05 CMP EAX,0x5 + * 00430CE2 75 2F JNZ SHORT .00430D13 + * 00430CE4 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 00430CE7 8B3D 9C4E4A00 MOV EDI,DWORD PTR DS:[0x4A4E9C] + * 00430CED 3BF3 CMP ESI,EBX + * 00430CEF 7C 08 JL SHORT .00430CF9 + * 00430CF1 39B7 54310000 CMP DWORD PTR DS:[EDI+0x3154],ESI + * 00430CF7 7F 12 JG SHORT .00430D0B + * 00430CF9 53 PUSH EBX + * 00430CFA 68 98154900 PUSH .00491598 ; ASCII "err" + * 00430CFF 68 D8254900 PUSH .004925D8 + * 00430D04 53 PUSH EBX + * 00430D05 FF15 2CC84A00 CALL DWORD PTR DS:[0x4AC82C] ; user32.MessageBoxA + * 00430D0B 8B87 74310000 MOV EAX,DWORD PTR DS:[EDI+0x3174] + * 00430D11 EB 32 JMP SHORT .00430D45 + * 00430D13 83F8 08 CMP EAX,0x8 + * 00430D16 75 57 JNZ SHORT .00430D6F + * 00430D18 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 00430D1B 8B3D 9C4E4A00 MOV EDI,DWORD PTR DS:[0x4A4E9C] + * 00430D21 3BF3 CMP ESI,EBX + * 00430D23 7C 08 JL SHORT .00430D2D + * 00430D25 39B7 60310000 CMP DWORD PTR DS:[EDI+0x3160],ESI + * 00430D2B 7F 12 JG SHORT .00430D3F + * 00430D2D 53 PUSH EBX + * 00430D2E 68 98154900 PUSH .00491598 ; ASCII "err" + * 00430D33 68 AC254900 PUSH .004925AC + * 00430D38 53 PUSH EBX + * 00430D39 FF15 2CC84A00 CALL DWORD PTR DS:[0x4AC82C] ; user32.MessageBoxA + * 00430D3F 8B87 80310000 MOV EAX,DWORD PTR DS:[EDI+0x3180] + * 00430D45 8D34F0 LEA ESI,DWORD PTR DS:[EAX+ESI*8] + * 00430D48 8B06 MOV EAX,DWORD PTR DS:[ESI] + * 00430D4A 50 PUSH EAX + * 00430D4B 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX + * 00430D4F E8 BE890000 CALL .00439712 + * 00430D54 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] + * 00430D58 83C4 04 ADD ESP,0x4 + * 00430D5B 8BD1 MOV EDX,ECX + * 00430D5D 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX + * 00430D61 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 00430D64 8BF8 MOV EDI,EAX + * 00430D66 C1E9 02 SHR ECX,0x2 + * 00430D69 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS> + * 00430D6B 8BCA MOV ECX,EDX + * 00430D6D EB 4D JMP SHORT .00430DBC + * 00430D6F 83F8 02 CMP EAX,0x2 + * 00430D72 0F85 A2000000 JNZ .00430E1A + * 00430D78 A1 9C4E4A00 MOV EAX,DWORD PTR DS:[0x4A4E9C] + * 00430D7D 8B56 04 MOV EDX,DWORD PTR DS:[ESI+0x4] + * 00430D80 8B88 44310000 MOV ECX,DWORD PTR DS:[EAX+0x3144] + * 00430D86 8B0411 MOV EAX,DWORD PTR DS:[ECX+EDX] + * 00430D89 50 PUSH EAX + * 00430D8A 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX + * 00430D8E E8 7F890000 CALL .00439712 + * 00430D93 8B15 9C4E4A00 MOV EDX,DWORD PTR DS:[0x4A4E9C] + * 00430D99 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] + * 00430D9D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] + * 00430DA0 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX + * 00430DA4 8B92 44310000 MOV EDX,DWORD PTR DS:[EDX+0x3144] + * 00430DAA 8BF8 MOV EDI,EAX + * 00430DAC 8BC1 MOV EAX,ECX + * 00430DAE 83C4 04 ADD ESP,0x4 + * 00430DB1 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: the other game's access point + * 00430DB5 C1E9 02 SHR ECX,0x2 + * 00430DB8 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI] + * 00430DBA 8BC8 MOV ECX,EAX + * 00430DBC 8B5424 28 MOV EDX,DWORD PTR SS:[ESP+0x28] + * 00430DC0 83E1 03 AND ECX,0x3 + * 00430DC3 F3:A4 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] + * 00430DC5 8B4C24 2C MOV ECX,DWORD PTR SS:[ESP+0x2C] + * 00430DC9 8D4424 0C LEA EAX,DWORD PTR SS:[ESP+0xC] + * 00430DCD 51 PUSH ECX + * 00430DCE 52 PUSH EDX + * 00430DCF 50 PUSH EAX + * 00430DD0 E8 2503FDFF CALL .004010FA + * 00430DD5 83C4 0C ADD ESP,0xC + * 00430DD8 C74424 1C FFFFFF>MOV DWORD PTR SS:[ESP+0x1C],-0x1 + * 00430DE0 84C0 TEST AL,AL + * 00430DE2 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+0x10] + * 00430DE6 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX + * 00430DEA 74 21 JE SHORT .00430E0D + * 00430DEC 3BC3 CMP EAX,EBX + * 00430DEE 74 09 JE SHORT .00430DF9 + * 00430DF0 50 PUSH EAX + * 00430DF1 E8 A6830000 CALL .0043919C + * 00430DF6 83C4 04 ADD ESP,0x4 + * 00430DF9 5F POP EDI + * 00430DFA 5E POP ESI + * 00430DFB B0 01 MOV AL,0x1 + * 00430DFD 5B POP EBX + * 00430DFE 8B4C24 08 MOV ECX,DWORD PTR SS:[ESP+0x8] + * 00430E02 64:890D 00000000 MOV DWORD PTR FS:[0],ECX + * 00430E09 83C4 14 ADD ESP,0x14 + * 00430E0C C3 RETN + * 00430E0D 3BC3 CMP EAX,EBX + * 00430E0F 74 09 JE SHORT .00430E1A + * 00430E11 50 PUSH EAX + * 00430E12 E8 85830000 CALL .0043919C + * 00430E17 83C4 04 ADD ESP,0x4 + * 00430E1A 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+0x14] + * 00430E1E 5F POP EDI + * 00430E1F 5E POP ESI + * 00430E20 32C0 XOR AL,AL + * 00430E22 5B POP EBX + * 00430E23 64:890D 00000000 MOV DWORD PTR FS:[0],ECX + * 00430E2A 83C4 14 ADD ESP,0x14 + * 00430E2D C3 RETN + * 00430E2E 90 NOP + * 00430E2F 90 NOP + * 00430E30 CC INT3 + * 00430E31 CC INT3 + * 00430E32 CC INT3 + * 00430E33 CC INT3 + * 00430E34 CC INT3 + */ + bool isLeadByteChar(const char *s) { - edx = *(DWORD *)textBaseAddress_; // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] - edx = *(DWORD *)(edx + textOffset_); // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] - esi = *(DWORD *)(s->esi + 0x4); // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - esi = edx + esi + 0x4; // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] + return dynsjis::isleadstr(s); + // return ::IsDBCSLeadByte(HIBYTE(testChar)); + } + bool attach(ULONG startAddress, ULONG stopAddress, ULONG dyna) + { + const uint8_t bytes[] = { + 0x8d, 0x74, 0x32, 0x04, // 0042fc21 8d7432 04 lea esi,dword ptr ds:[edx+esi+0x4] + 0xc1, 0xe9, 0x02, // 0042fc25 c1e9 02 shr ecx,0x2 + 0xf3, 0xa5 // 0042fc28 f3:a5 rep movs dword ptr es:[edi],dword ptr ds[esi] ; jichi: text accessed here from esi to edi + }; + ULONG addr2 = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + if (!addr2) + return false; + + // 0042FBF9 50 PUSH EAX ; jichi: hook1, text length pushed, new function + // 0042FBFA 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX ; jichi: text length, is this the memory allocation? + // 0042FBFE E8 1F840000 CALL lcsebody.00438022 + // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here + // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here + // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] + // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX + // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: base addr, [[0x4A23E8] + 0x2944] + // 0042FC1A 8BF8 MOV EDI,EAX + // 0042FC1C 8BC1 MOV EAX,ECX + // 0042FC1E 83C4 04 ADD ESP,0x4 + // + // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: hook2, text in esi + // 0042FC25 C1E9 02 SHR ECX,0x2 ; jichi: ecx is now the count, here, the rep function is blocked by 4 for performance + // 0042FC28 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS[ESI] ; jichi: text accessed here from esi to edi + ULONG addr1 = addr2 + 0x0042fbf9 - 0x0042fc21; + if (*(BYTE *)addr1 != 0x50) // push_eax + return false; + + // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here + // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here + // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] + // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX + // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: offset addr, [[0x4A23E8] + 0x2944] + { + ULONG addr = addr2 + 0x0042fc03 - 0x0042fc21; + if (*(WORD *)addr != 0x158b) // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] + return false; + addr += 2; + Private::textBaseAddress_ = *(DWORD *)addr; + } + { + ULONG addr = addr2 + 0x0042fc14 - 0x0042fc21; + if (*(WORD *)addr != 0x928b) // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] + return false; + addr += 2; + Private::textOffset_ = *(DWORD *)addr; + } + HookParam hp; + hp.address = addr1; + hp.hook_before = Private::hook1; + hp.hook_after = Private::hookafter; + hp.type = EMBED_ABLE; + hp.newlineseperator = L"\x01"; + hp.hook_font = F_GetGlyphOutlineA; + if (dyna) + { + static ULONG dynas; + dynas = dyna; + hp.type |= EMBED_DYNA_SJIS; + hp.hook_font = F_GetGlyphOutlineA; + patch_fun = []() + { + ReplaceFunction((PVOID)dynas, (PVOID)(ULONG)isLeadByteChar); + dynamiccodec->setMinimumSecondByte(6); //// skip 0x1,0x2,0x3 in case dynamic encoding could crash the game + }; + } + auto succ = NewHook(hp, "EmbedLCSE"); + hp.address = addr2 + 4; + hp.hook_before = Private::hook2; + hp.type = EMBED_ABLE | HOOK_EMPTY; + succ |= NewHook(hp, "EmbedLCSE"); + return succ; + } + } // namespace ScenarioHook + + namespace Patch + { + + namespace Private + { + bool isLeadByteChar(const char *s) + { + return dynsjis::isleadstr(s); + // return ::IsDBCSLeadByte(HIBYTE(testChar)); + } + + } // namespace Private + + /** + * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ + * + * Debugging method: Find text in memory, and then insert hardware breakpoint. + * It will be accessed only ONCE in the following function. + * + * This function can also be found by searching the following instruction: + * 0040A389 3C 81 CMP AL,0x81 + * + * This function is very similar to that in CatSystem2. + * + * 0040A37E CC INT3 + * 0040A37F CC INT3 + * 0040A380 8B4C24 04 MOV ECX,DWORD PTR SS:[ESP+0x4] + * 0040A384 8A01 MOV AL,BYTE PTR DS:[ECX] ; jichi: first byte + * 0040A386 8A49 01 MOV CL,BYTE PTR DS:[ECX+0x1] ; jichi: second byte + * 0040A389 3C 81 CMP AL,0x81 + * 0040A38B 72 04 JB SHORT lcsebody.0040A391 + * 0040A38D 3C 9F CMP AL,0x9F + * 0040A38F 76 08 JBE SHORT lcsebody.0040A399 + * 0040A391 3C E0 CMP AL,0xE0 + * 0040A393 72 1B JB SHORT lcsebody.0040A3B0 + * 0040A395 3C FC CMP AL,0xFC + * 0040A397 77 17 JA SHORT lcsebody.0040A3B0 + * 0040A399 80F9 40 CMP CL,0x40 + * 0040A39C 72 05 JB SHORT lcsebody.0040A3A3 + * 0040A39E 80F9 7E CMP CL,0x7E + * 0040A3A1 76 0A JBE SHORT lcsebody.0040A3AD + * 0040A3A3 80F9 80 CMP CL,0x80 + * 0040A3A6 72 08 JB SHORT lcsebody.0040A3B0 + * 0040A3A8 80F9 FC CMP CL,0xFC + * 0040A3AB 77 03 JA SHORT lcsebody.0040A3B0 + * 0040A3AD B0 01 MOV AL,0x1 + * 0040A3AF C3 RETN + * 0040A3B0 32C0 XOR AL,AL + * 0040A3B2 C3 RETN + * 0040A3B3 90 NOP + * 0040A3B4 90 NOP + * 0040A3B5 90 NOP + * 0040A3B6 90 NOP + * + * This function is found by tracing the caller of GetGlyphOutlineA, as follows: + * + * 00416B6B CC INT3 + * 00416B6C CC INT3 + * 00416B6D CC INT3 + * 00416B6E CC INT3 + * 00416B6F CC INT3 + * 00416B70 83EC 08 SUB ESP,0x8 + * 00416B73 53 PUSH EBX + * 00416B74 56 PUSH ESI + * 00416B75 8BF1 MOV ESI,ECX + * 00416B77 33DB XOR EBX,EBX ; jichi: zero ebx + * 00416B79 57 PUSH EDI + * 00416B7A 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] + * 00416B80 8A9430 08010000 MOV DL,BYTE PTR DS:[EAX+ESI+0x108] ; jichi: byte accessed here + * 00416B87 8D8C30 08010000 LEA ECX,DWORD PTR DS:[EAX+ESI+0x108] ; jichi: byte accessed here + * 00416B8E 3AD3 CMP DL,BL ; jichi: bl is zero, dl is the current byte + * 00416B90 75 0C JNZ SHORT lcsebody.00416B9E + * 00416B92 B8 FF000000 MOV EAX,0xFF + * 00416B97 5F POP EDI + * 00416B98 5E POP ESI + * 00416B99 5B POP EBX + * 00416B9A 83C4 08 ADD ESP,0x8 + * 00416B9D C3 RETN + * 00416B9E 8B96 F0000000 MOV EDX,DWORD PTR DS:[ESI+0xF0] + * 00416BA4 4A DEC EDX + * 00416BA5 3BC2 CMP EAX,EDX + * 00416BA7 0F8D 31010000 JGE lcsebody.00416CDE + * 00416BAD 51 PUSH ECX + * 00416BAE E8 31B1FEFF CALL lcsebody.00401CE4 ; jichi: ecx point to the current character, return 0 or 1 + * 00416BB3 83C4 04 ADD ESP,0x4 + * 00416BB6 84C0 TEST AL,AL + * 00416BB8 0F84 20010000 JE lcsebody.00416CDE ; jichi: wrong here + * 00416BBE 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] + * 00416BC4 33C9 XOR ECX,ECX + * 00416BC6 03C6 ADD EAX,ESI + * 00416BC8 889E 20050000 MOV BYTE PTR DS:[ESI+0x520],BL + * 00416BCE 8AA8 08010000 MOV CH,BYTE PTR DS:[EAX+0x108] ; jichi: high bits + * 00416BD4 8A88 09010000 MOV CL,BYTE PTR DS:[EAX+0x109] + * 00416BDA 8BF9 MOV EDI,ECX ; jichi: low bits, edi is now the full character + * 00416BDC 8BCE MOV ECX,ESI ; jichi: recover ecx to esi + * 00416BDE E8 13AEFEFF CALL lcsebody.004019F6 ; jichi: eax is zero when edi is legal + * 00416BE3 3BC3 CMP EAX,EBX ; jichi: ebx is always zero as well + * 00416BE5 74 4A JE SHORT lcsebody.00416C31 + * 00416BE7 389E 2C050000 CMP BYTE PTR DS:[ESI+0x52C],BL + * 00416BED 0F84 9A020000 JE lcsebody.00416E8D + * 00416BF3 389E 20050000 CMP BYTE PTR DS:[ESI+0x520],BL + * 00416BF9 74 1B JE SHORT lcsebody.00416C16 + * 00416BFB B9 34F14800 MOV ECX,lcsebody.0048F134 + * 00416C00 3B39 CMP EDI,DWORD PTR DS:[ECX] + * 00416C02 74 2D JE SHORT lcsebody.00416C31 + * 00416C04 83C1 04 ADD ECX,0x4 + * 00416C07 81F9 50F14800 CMP ECX,lcsebody.0048F150 + * 00416C0D ^7C F1 JL SHORT lcsebody.00416C00 + * 00416C0F 5F POP EDI + * 00416C10 5E POP ESI + * 00416C11 5B POP EBX + * 00416C12 83C4 08 ADD ESP,0x8 + * 00416C15 C3 RETN + * 00416C16 B9 00F14800 MOV ECX,lcsebody.0048F100 + * 00416C1B 3B39 CMP EDI,DWORD PTR DS:[ECX] + * 00416C1D 74 12 JE SHORT lcsebody.00416C31 + * 00416C1F 83C1 04 ADD ECX,0x4 + * 00416C22 81F9 34F14800 CMP ECX,lcsebody.0048F134 + * 00416C28 ^7C F1 JL SHORT lcsebody.00416C1B + * 00416C2A 5F POP EDI + * 00416C2B 5E POP ESI + * 00416C2C 5B POP EBX + * 00416C2D 83C4 08 ADD ESP,0x8 + * 00416C30 C3 RETN + * 00416C31 8A8E 20050000 MOV CL,BYTE PTR DS:[ESI+0x520] + * 00416C37 3ACB CMP CL,BL + * 00416C39 74 15 JE SHORT lcsebody.00416C50 + * 00416C3B B8 70F14800 MOV EAX,lcsebody.0048F170 + * 00416C40 3B38 CMP EDI,DWORD PTR DS:[EAX] + * 00416C42 74 21 JE SHORT lcsebody.00416C65 + * 00416C44 83C0 04 ADD EAX,0x4 + * 00416C47 3D 7CF14800 CMP EAX,lcsebody.0048F17C + * 00416C4C ^7C F2 JL SHORT lcsebody.00416C40 + * 00416C4E EB 1B JMP SHORT lcsebody.00416C6B + * 00416C50 B8 50F14800 MOV EAX,lcsebody.0048F150 + * 00416C55 3B38 CMP EDI,DWORD PTR DS:[EAX] ; jichi: compare current wide character with a threshold (0x8169 = "(") + * 00416C57 74 0C JE SHORT lcsebody.00416C65 + * 00416C59 83C0 04 ADD EAX,0x4 + * 00416C5C 3D 70F14800 CMP EAX,lcsebody.0048F170 + * 00416C61 ^7C F2 JL SHORT lcsebody.00416C55 + * 00416C63 EB 06 JMP SHORT lcsebody.00416C6B + * 00416C65 FF86 24050000 INC DWORD PTR DS:[ESI+0x524] + * 00416C6B 3ACB CMP CL,BL + * 00416C6D 74 15 JE SHORT lcsebody.00416C84 + * 00416C6F B8 9CF14800 MOV EAX,lcsebody.0048F19C + * 00416C74 3B38 CMP EDI,DWORD PTR DS:[EAX] + * 00416C76 74 21 JE SHORT lcsebody.00416C99 + * 00416C78 83C0 04 ADD EAX,0x4 + * 00416C7B 3D A8F14800 CMP EAX,lcsebody.0048F1A8 + * 00416C80 ^7C F2 JL SHORT lcsebody.00416C74 + * 00416C82 EB 2A JMP SHORT lcsebody.00416CAE + * 00416C84 B8 7CF14800 MOV EAX,lcsebody.0048F17C + * 00416C89 3B38 CMP EDI,DWORD PTR DS:[EAX] + * 00416C8B 74 0C JE SHORT lcsebody.00416C99 + * 00416C8D 83C0 04 ADD EAX,0x4 + * 00416C90 3D 9CF14800 CMP EAX,lcsebody.0048F19C + * 00416C95 ^7C F2 JL SHORT lcsebody.00416C89 + * 00416C97 EB 15 JMP SHORT lcsebody.00416CAE + * 00416C99 8B86 24050000 MOV EAX,DWORD PTR DS:[ESI+0x524] + * 00416C9F 48 DEC EAX + * 00416CA0 8986 24050000 MOV DWORD PTR DS:[ESI+0x524],EAX + * 00416CA6 79 06 JNS SHORT lcsebody.00416CAE + * 00416CA8 899E 24050000 MOV DWORD PTR DS:[ESI+0x524],EBX + * 00416CAE 57 PUSH EDI + * 00416CAF 8BCE MOV ECX,ESI + * 00416CB1 E8 20A5FEFF CALL lcsebody.004011D6 + * 00416CB6 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] + * 00416CBC 8A9430 08010000 MOV DL,BYTE PTR DS:[EAX+ESI+0x108] + * 00416CC3 83C0 02 ADD EAX,0x2 + * 00416CC6 885424 0C MOV BYTE PTR SS:[ESP+0xC],DL + * 00416CCA 8A8C30 07010000 MOV CL,BYTE PTR DS:[EAX+ESI+0x107] + * 00416CD1 884C24 0D MOV BYTE PTR SS:[ESP+0xD],CL + * 00416CD5 885C24 0E MOV BYTE PTR SS:[ESP+0xE],BL + * 00416CD9 E9 77010000 JMP lcsebody.00416E55 + * 00416CDE 8B96 EC000000 MOV EDX,DWORD PTR DS:[ESI+0xEC] + * 00416CE4 C686 20050000 01 MOV BYTE PTR DS:[ESI+0x520],0x1 + * 00416CEB 8A8C16 08010000 MOV CL,BYTE PTR DS:[ESI+EDX+0x108] + * 00416CF2 8D8416 08010000 LEA EAX,DWORD PTR DS:[ESI+EDX+0x108] + * 00416CF9 80F9 1F CMP CL,0x1F + * 00416CFC 77 54 JA SHORT lcsebody.00416D52 + * 00416CFE 80F9 03 CMP CL,0x3 + * 00416D01 75 06 JNZ SHORT lcsebody.00416D09 + * 00416D03 899E 28050000 MOV DWORD PTR DS:[ESI+0x528],EBX + * 00416D09 8A00 MOV AL,BYTE PTR DS:[EAX] + * 00416D0B 83EC 0C SUB ESP,0xC + * 00416D0E 8D5424 18 LEA EDX,DWORD PTR SS:[ESP+0x18] + * 00416D12 8BCC MOV ECX,ESP + * 00416D14 896424 1C MOV DWORD PTR SS:[ESP+0x1C],ESP + * 00416D18 8DBE FC000000 LEA EDI,DWORD PTR DS:[ESI+0xFC] + * 00416D1E 52 PUSH EDX + * 00416D1F 51 PUSH ECX + * 00416D20 8BCF MOV ECX,EDI + * 00416D22 884424 20 MOV BYTE PTR SS:[ESP+0x20],AL + * 00416D26 885C24 21 MOV BYTE PTR SS:[ESP+0x21],BL + * 00416D2A E8 D0A8FEFF CALL lcsebody.004015FF + * 00416D2F 8BCF MOV ECX,EDI + * 00416D31 E8 A1A8FEFF CALL lcsebody.004015D7 + * 00416D36 8B8E EC000000 MOV ECX,DWORD PTR DS:[ESI+0xEC] + * 00416D3C 0FBE8431 0801000> MOVSX EAX,BYTE PTR DS:[ECX+ESI+0x108] + * 00416D44 41 INC ECX + * 00416D45 898E EC000000 MOV DWORD PTR DS:[ESI+0xEC],ECX + * 00416D4B 5F POP EDI + * 00416D4C 5E POP ESI + * 00416D4D 5B POP EBX + * 00416D4E 83C4 08 ADD ESP,0x8 + * 00416D51 C3 RETN + * 00416D52 8BCE MOV ECX,ESI + * 00416D54 E8 9DACFEFF CALL lcsebody.004019F6 + * 00416D59 3BC3 CMP EAX,EBX + * 00416D5B 74 4A JE SHORT lcsebody.00416DA7 + * 00416D5D 389E 2C050000 CMP BYTE PTR DS:[ESI+0x52C],BL + * 00416D63 0F84 24010000 JE lcsebody.00416E8D + * 00416D69 389E 20050000 CMP BYTE PTR DS:[ESI+0x520],BL + * 00416D6F 74 1B JE SHORT lcsebody.00416D8C + * 00416D71 B9 34F14800 MOV ECX,lcsebody.0048F134 + * 00416D76 3919 CMP DWORD PTR DS:[ECX],EBX + * 00416D78 74 2D JE SHORT lcsebody.00416DA7 + * 00416D7A 83C1 04 ADD ECX,0x4 + * 00416D7D 81F9 50F14800 CMP ECX,lcsebody.0048F150 + * 00416D83 ^7C F1 JL SHORT lcsebody.00416D76 + * 00416D85 5F POP EDI + * 00416D86 5E POP ESI + * 00416D87 5B POP EBX + * 00416D88 83C4 08 ADD ESP,0x8 + * 00416D8B C3 RETN + * 00416D8C B9 00F14800 MOV ECX,lcsebody.0048F100 + * 00416D91 3919 CMP DWORD PTR DS:[ECX],EBX + * 00416D93 74 12 JE SHORT lcsebody.00416DA7 + * 00416D95 83C1 04 ADD ECX,0x4 + * 00416D98 81F9 34F14800 CMP ECX,lcsebody.0048F134 + * 00416D9E ^7C F1 JL SHORT lcsebody.00416D91 + * 00416DA0 5F POP EDI + * 00416DA1 5E POP ESI + * 00416DA2 5B POP EBX + * 00416DA3 83C4 08 ADD ESP,0x8 + * 00416DA6 C3 RETN + * 00416DA7 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] + * 00416DAD 8A96 20050000 MOV DL,BYTE PTR DS:[ESI+0x520] + * 00416DB3 0FBEBC06 08010000 MOVSX EDI,BYTE PTR DS:[ESI+EAX+0x108] ; jichi: edi get assigned to the illegal character + * 00416DBB 8BCF MOV ECX,EDI + * 00416DBD C1E1 08 SHL ECX,0x8 + * 00416DC0 3AD3 CMP DL,BL + * 00416DC2 74 15 JE SHORT lcsebody.00416DD9 + * 00416DC4 B8 70F14800 MOV EAX,lcsebody.0048F170 + * 00416DC9 3B08 CMP ECX,DWORD PTR DS:[EAX] + * 00416DCB 74 21 JE SHORT lcsebody.00416DEE + * 00416DCD 83C0 04 ADD EAX,0x4 + * 00416DD0 3D 7CF14800 CMP EAX,lcsebody.0048F17C + * 00416DD5 ^7C F2 JL SHORT lcsebody.00416DC9 + * 00416DD7 EB 1B JMP SHORT lcsebody.00416DF4 + * 00416DD9 B8 50F14800 MOV EAX,lcsebody.0048F150 + * 00416DDE 3B08 CMP ECX,DWORD PTR DS:[EAX] + * 00416DE0 74 0C JE SHORT lcsebody.00416DEE + * 00416DE2 83C0 04 ADD EAX,0x4 + * 00416DE5 3D 70F14800 CMP EAX,lcsebody.0048F170 + * 00416DEA ^7C F2 JL SHORT lcsebody.00416DDE + * 00416DEC EB 06 JMP SHORT lcsebody.00416DF4 + * 00416DEE FF86 24050000 INC DWORD PTR DS:[ESI+0x524] + * 00416DF4 3AD3 CMP DL,BL + * 00416DF6 74 15 JE SHORT lcsebody.00416E0D + * 00416DF8 B8 9CF14800 MOV EAX,lcsebody.0048F19C + * 00416DFD 3B08 CMP ECX,DWORD PTR DS:[EAX] + * 00416DFF 74 21 JE SHORT lcsebody.00416E22 + * 00416E01 83C0 04 ADD EAX,0x4 + * 00416E04 3D A8F14800 CMP EAX,lcsebody.0048F1A8 + * 00416E09 ^7C F2 JL SHORT lcsebody.00416DFD + * 00416E0B EB 2A JMP SHORT lcsebody.00416E37 + * 00416E0D B8 7CF14800 MOV EAX,lcsebody.0048F17C + * 00416E12 3B08 CMP ECX,DWORD PTR DS:[EAX] + * 00416E14 74 0C JE SHORT lcsebody.00416E22 + * 00416E16 83C0 04 ADD EAX,0x4 + * 00416E19 3D 9CF14800 CMP EAX,lcsebody.0048F19C + * 00416E1E ^7C F2 JL SHORT lcsebody.00416E12 + * 00416E20 EB 15 JMP SHORT lcsebody.00416E37 + * 00416E22 8B86 24050000 MOV EAX,DWORD PTR DS:[ESI+0x524] + * 00416E28 48 DEC EAX + * 00416E29 8986 24050000 MOV DWORD PTR DS:[ESI+0x524],EAX + * 00416E2F 79 06 JNS SHORT lcsebody.00416E37 + * 00416E31 899E 24050000 MOV DWORD PTR DS:[ESI+0x524],EBX + * 00416E37 57 PUSH EDI ; jichi: invalid character + * 00416E38 8BCE MOV ECX,ESI + * 00416E3A E8 97A3FEFF CALL lcsebody.004011D6 ; jichi: char in arg1 + * 00416E3F 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] + */ + + ULONG patchEncoding(ULONG startAddress, ULONG stopAddress) + { + const uint8_t bytes[] = { + 0x8b, 0x4c, 0x24, 0x04, // 0040a380 8b4c24 04 mov ecx,dword ptr ss:[esp+0x4] + 0x8a, 0x01, // 0040a384 8a01 mov al,byte ptr ds:[ecx] + 0x8a, 0x49, 0x01, // 0040a386 8a49 01 mov cl,byte ptr ds:[ecx+0x1] + 0x3c, 0x81 // 0040a389 3c 81 cmp al,0x81 + }; + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + return addr; // && winhook::replace_fun(addr, (ULONG)Private::isLeadByteChar); } - auto text = (LPCSTR)esi; - if (!*text - //|| ::strlen(text) != size - || text[size] // text length not verified since there could be trailing zeros - || ::isalpha(text[0]) && ::isalpha(text[1]) // Sample system text in 恋姫無双: bcg_剣道場a - ||all_ascii(text)) - return ; - - auto trimmedSize = size; - auto trimmedText = trim(text, &trimmedSize); - if (trimmedSize <= 0) - return ; - - auto retaddr = s->stack[8]; - //if ((*(DWORD *)retaddr & 0xffffff) == 0x0cc483) // 0041C295 83C4 0C ADD ESP,0xC - // role = Engine::ScenarioRole; - auto arg3 = s->stack[8 + 3]; - - - std::string oldData(trimmedText, trimmedSize); - - static const std::string zero_bytes(1, '\0'); - const char *zero_str = LCSE_0; - - bool containsZeros = false; - if (oldData.find('\0')!=oldData.npos) { - containsZeros = true; - strReplace(oldData, zero_bytes, zero_str); - //oldData.replace(zero_bytes, zero_str); - - // FIXME: There could be individual ascii letters before zeros (such as "k" and "n") - // They should be escaped here. - // Escaping not implemented since I am lazy. - } - std::string newData = std::string((char*)data,len1); - if (newData.empty() || newData == oldData) - return ; - - if (containsZeros) - strReplace(newData, zero_str, zero_bytes); - //newData.replace(zero_str, zero_bytes); - - int prefixSize = trimmedText - text, - suffixSize = size - prefixSize - trimmedSize; - if (prefixSize) - newData.insert(0,std::string(text, prefixSize)); - if (suffixSize) - newData.append(trimmedText + trimmedSize, suffixSize); - - data_ = newData; - s->eax = data_.size() + 1; - return ; - - } - bool hook2(hook_stack*s,void* data, size_t* len1,uintptr_t*role) - { - if (!data_.empty()) - s->esi = (ULONG)data_.c_str(); - return false; - } -} // namespace Private - -/** - * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ - * - * 0042FB1E CC INT3 - * 0042FB1F CC INT3 - * 0042FB20 6A FF PUSH -0x1 - * 0042FB22 68 18094800 PUSH lcsebody.00480918 - * 0042FB27 64:A1 00000000 MOV EAX,DWORD PTR FS:[0] - * 0042FB2D 50 PUSH EAX - * 0042FB2E 64:8925 00000000 MOV DWORD PTR FS:[0],ESP - * 0042FB35 83EC 08 SUB ESP,0x8 - * 0042FB38 53 PUSH EBX - * 0042FB39 33DB XOR EBX,EBX - * 0042FB3B 56 PUSH ESI - * 0042FB3C 57 PUSH EDI - * 0042FB3D 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX - * 0042FB41 895C24 10 MOV DWORD PTR SS:[ESP+0x10],EBX - * 0042FB45 8B7424 24 MOV ESI,DWORD PTR SS:[ESP+0x24] ; jichi; arg1 - * 0042FB49 895C24 1C MOV DWORD PTR SS:[ESP+0x1C],EBX - * 0042FB4D 8B06 MOV EAX,DWORD PTR DS:[ESI] - * 0042FB4F 83F8 05 CMP EAX,0x5 - * 0042FB52 75 2F JNZ SHORT lcsebody.0042FB83 - * 0042FB54 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 0042FB57 8B3D E8234A00 MOV EDI,DWORD PTR DS:[0x4A23E8] - * 0042FB5D 3BF3 CMP ESI,EBX - * 0042FB5F 7C 08 JL SHORT lcsebody.0042FB69 - * 0042FB61 39B7 54290000 CMP DWORD PTR DS:[EDI+0x2954],ESI - * 0042FB67 7F 12 JG SHORT lcsebody.0042FB7B - * 0042FB69 53 PUSH EBX - * 0042FB6A 68 20F54800 PUSH lcsebody.0048F520 ; ASCII "err" - * 0042FB6F 68 F4F44800 PUSH lcsebody.0048F4F4 - * 0042FB74 53 PUSH EBX - * 0042FB75 FF15 EC874A00 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; user32.MessageBoxA - * 0042FB7B 8B87 74290000 MOV EAX,DWORD PTR DS:[EDI+0x2974] - * 0042FB81 EB 32 JMP SHORT lcsebody.0042FBB5 - * 0042FB83 83F8 08 CMP EAX,0x8 ; jichi: esi=arg1 jumped here - * 0042FB86 75 57 JNZ SHORT lcsebody.0042FBDF - * 0042FB88 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 0042FB8B 8B3D E8234A00 MOV EDI,DWORD PTR DS:[0x4A23E8] - * 0042FB91 3BF3 CMP ESI,EBX - * 0042FB93 7C 08 JL SHORT lcsebody.0042FB9D - * 0042FB95 39B7 60290000 CMP DWORD PTR DS:[EDI+0x2960],ESI - * 0042FB9B 7F 12 JG SHORT lcsebody.0042FBAF - * 0042FB9D 53 PUSH EBX - * 0042FB9E 68 20F54800 PUSH lcsebody.0048F520 ; ASCII "err" - * 0042FBA3 68 F4F44800 PUSH lcsebody.0048F4F4 - * 0042FBA8 53 PUSH EBX - * 0042FBA9 FF15 EC874A00 CALL DWORD PTR DS:[<&USER32.MessageBoxA>>; user32.MessageBoxA - * 0042FBAF 8B87 80290000 MOV EAX,DWORD PTR DS:[EDI+0x2980] - * 0042FBB5 8D34F0 LEA ESI,DWORD PTR DS:[EAX+ESI*8] - * 0042FBB8 8B06 MOV EAX,DWORD PTR DS:[ESI] - * 0042FBBA 50 PUSH EAX - * 0042FBBB 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX - * 0042FBBF E8 5E840000 CALL lcsebody.00438022 - * 0042FBC4 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] - * 0042FBC8 83C4 04 ADD ESP,0x4 - * 0042FBCB 8BD1 MOV EDX,ECX - * 0042FBCD 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX - * 0042FBD1 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 0042FBD4 8BF8 MOV EDI,EAX - * 0042FBD6 C1E9 02 SHR ECX,0x2 - * 0042FBD9 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS> - * 0042FBDB 8BCA MOV ECX,EDX - * 0042FBDD EB 4D JMP SHORT lcsebody.0042FC2C - * 0042FBDF 83F8 02 CMP EAX,0x2 ; jichi: esi=arg1 jumped here - * 0042FBE2 0F85 A2000000 JNZ lcsebody.0042FC8A - * 0042FBE8 A1 E8234A00 MOV EAX,DWORD PTR DS:[0x4A23E8] ; jichi: text length here - * 0042FBED 8B56 04 MOV EDX,DWORD PTR DS:[ESI+0x4] - * 0042FBF0 8B88 44290000 MOV ECX,DWORD PTR DS:[EAX+0x2944] - * 0042FBF6 8B0411 MOV EAX,DWORD PTR DS:[ECX+EDX] - * - * 0042FBF9 50 PUSH EAX ; jichi: hook1, text length pushed, new function - * 0042FBFA 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX ; jichi: text length, is this the memory allocation - * 0042FBFE E8 1F840000 CALL lcsebody.00438022 - * - * 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here - * 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here - * 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] - * 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX - * 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: base addr, [[0x4A23E8] + 0x2944] - * 0042FC1A 8BF8 MOV EDI,EAX - * 0042FC1C 8BC1 MOV EAX,ECX - * 0042FC1E 83C4 04 ADD ESP,0x4 - * - * 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: hook2, text in esi - * 0042FC25 C1E9 02 SHR ECX,0x2 ; jichi: ecx is now the count, here, the rep function is blocked by 4 for performance - * 0042FC28 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS[ESI] ; jichi: text accessed here from esi to edi - * - * 0042FC2A 8BC8 MOV ECX,EAX - * 0042FC2C 8B5424 28 MOV EDX,DWORD PTR SS:[ESP+0x28] - * 0042FC30 83E1 03 AND ECX,0x3 - * 0042FC33 F3:A4 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] - * 0042FC35 8B4C24 2C MOV ECX,DWORD PTR SS:[ESP+0x2C] - * 0042FC39 8D4424 0C LEA EAX,DWORD PTR SS:[ESP+0xC] - * 0042FC3D 51 PUSH ECX - * 0042FC3E 52 PUSH EDX - * 0042FC3F 50 PUSH EAX - * 0042FC40 E8 AB14FDFF CALL lcsebody.004010F0 - * 0042FC45 83C4 0C ADD ESP,0xC - * 0042FC48 C74424 1C FFFFFF>MOV DWORD PTR SS:[ESP+0x1C],-0x1 - * 0042FC50 84C0 TEST AL,AL - * 0042FC52 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+0x10] - * 0042FC56 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX - * 0042FC5A 74 21 JE SHORT lcsebody.0042FC7D - * 0042FC5C 3BC3 CMP EAX,EBX - * 0042FC5E 74 09 JE SHORT lcsebody.0042FC69 - * 0042FC60 50 PUSH EAX - * 0042FC61 E8 467E0000 CALL lcsebody.00437AAC - * 0042FC66 83C4 04 ADD ESP,0x4 - * 0042FC69 5F POP EDI - * 0042FC6A 5E POP ESI - * 0042FC6B B0 01 MOV AL,0x1 - * 0042FC6D 5B POP EBX - * 0042FC6E 8B4C24 08 MOV ECX,DWORD PTR SS:[ESP+0x8] - * 0042FC72 64:890D 00000000 MOV DWORD PTR FS:[0],ECX - * 0042FC79 83C4 14 ADD ESP,0x14 - * 0042FC7C C3 RETN - * 0042FC7D 3BC3 CMP EAX,EBX - * 0042FC7F 74 09 JE SHORT lcsebody.0042FC8A - * 0042FC81 50 PUSH EAX - * 0042FC82 E8 257E0000 CALL lcsebody.00437AAC - * 0042FC87 83C4 04 ADD ESP,0x4 - * 0042FC8A 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+0x14] - * 0042FC8E 5F POP EDI - * 0042FC8F 5E POP ESI - * 0042FC90 32C0 XOR AL,AL - * 0042FC92 5B POP EBX - * 0042FC93 64:890D 00000000 MOV DWORD PTR FS:[0],ECX - * 0042FC9A 83C4 14 ADD ESP,0x14 - * 0042FC9D C3 RETN - * 0042FC9E 90 NOP - * 0042FC9F 90 NOP - * 0042FCA0 CC INT3 - * 0042FCA1 CC INT3 - * 0042FCA2 CC INT3 - * 0042FCA3 CC INT3 - * 0042FCA4 CC INT3 - * 0042FCA5 CC INT3 - * 0042FCA6 CC INT3 - * - * Sample game: 姦獄学園 - * - * 00430CAB CC INT3 - * 00430CAC CC INT3 - * 00430CAD CC INT3 - * 00430CAE CC INT3 - * 00430CAF CC INT3 - * 00430CB0 6A FF PUSH -0x1 - * 00430CB2 68 08204800 PUSH .00482008 - * 00430CB7 64:A1 00000000 MOV EAX,DWORD PTR FS:[0] - * 00430CBD 50 PUSH EAX - * 00430CBE 64:8925 00000000 MOV DWORD PTR FS:[0],ESP - * 00430CC5 83EC 08 SUB ESP,0x8 - * 00430CC8 53 PUSH EBX - * 00430CC9 33DB XOR EBX,EBX - * 00430CCB 56 PUSH ESI - * 00430CCC 57 PUSH EDI - * 00430CCD 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX - * 00430CD1 895C24 10 MOV DWORD PTR SS:[ESP+0x10],EBX - * 00430CD5 8B7424 24 MOV ESI,DWORD PTR SS:[ESP+0x24] - * 00430CD9 895C24 1C MOV DWORD PTR SS:[ESP+0x1C],EBX - * 00430CDD 8B06 MOV EAX,DWORD PTR DS:[ESI] - * 00430CDF 83F8 05 CMP EAX,0x5 - * 00430CE2 75 2F JNZ SHORT .00430D13 - * 00430CE4 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 00430CE7 8B3D 9C4E4A00 MOV EDI,DWORD PTR DS:[0x4A4E9C] - * 00430CED 3BF3 CMP ESI,EBX - * 00430CEF 7C 08 JL SHORT .00430CF9 - * 00430CF1 39B7 54310000 CMP DWORD PTR DS:[EDI+0x3154],ESI - * 00430CF7 7F 12 JG SHORT .00430D0B - * 00430CF9 53 PUSH EBX - * 00430CFA 68 98154900 PUSH .00491598 ; ASCII "err" - * 00430CFF 68 D8254900 PUSH .004925D8 - * 00430D04 53 PUSH EBX - * 00430D05 FF15 2CC84A00 CALL DWORD PTR DS:[0x4AC82C] ; user32.MessageBoxA - * 00430D0B 8B87 74310000 MOV EAX,DWORD PTR DS:[EDI+0x3174] - * 00430D11 EB 32 JMP SHORT .00430D45 - * 00430D13 83F8 08 CMP EAX,0x8 - * 00430D16 75 57 JNZ SHORT .00430D6F - * 00430D18 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 00430D1B 8B3D 9C4E4A00 MOV EDI,DWORD PTR DS:[0x4A4E9C] - * 00430D21 3BF3 CMP ESI,EBX - * 00430D23 7C 08 JL SHORT .00430D2D - * 00430D25 39B7 60310000 CMP DWORD PTR DS:[EDI+0x3160],ESI - * 00430D2B 7F 12 JG SHORT .00430D3F - * 00430D2D 53 PUSH EBX - * 00430D2E 68 98154900 PUSH .00491598 ; ASCII "err" - * 00430D33 68 AC254900 PUSH .004925AC - * 00430D38 53 PUSH EBX - * 00430D39 FF15 2CC84A00 CALL DWORD PTR DS:[0x4AC82C] ; user32.MessageBoxA - * 00430D3F 8B87 80310000 MOV EAX,DWORD PTR DS:[EDI+0x3180] - * 00430D45 8D34F0 LEA ESI,DWORD PTR DS:[EAX+ESI*8] - * 00430D48 8B06 MOV EAX,DWORD PTR DS:[ESI] - * 00430D4A 50 PUSH EAX - * 00430D4B 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX - * 00430D4F E8 BE890000 CALL .00439712 - * 00430D54 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] - * 00430D58 83C4 04 ADD ESP,0x4 - * 00430D5B 8BD1 MOV EDX,ECX - * 00430D5D 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX - * 00430D61 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 00430D64 8BF8 MOV EDI,EAX - * 00430D66 C1E9 02 SHR ECX,0x2 - * 00430D69 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS> - * 00430D6B 8BCA MOV ECX,EDX - * 00430D6D EB 4D JMP SHORT .00430DBC - * 00430D6F 83F8 02 CMP EAX,0x2 - * 00430D72 0F85 A2000000 JNZ .00430E1A - * 00430D78 A1 9C4E4A00 MOV EAX,DWORD PTR DS:[0x4A4E9C] - * 00430D7D 8B56 04 MOV EDX,DWORD PTR DS:[ESI+0x4] - * 00430D80 8B88 44310000 MOV ECX,DWORD PTR DS:[EAX+0x3144] - * 00430D86 8B0411 MOV EAX,DWORD PTR DS:[ECX+EDX] - * 00430D89 50 PUSH EAX - * 00430D8A 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX - * 00430D8E E8 7F890000 CALL .00439712 - * 00430D93 8B15 9C4E4A00 MOV EDX,DWORD PTR DS:[0x4A4E9C] - * 00430D99 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] - * 00430D9D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] - * 00430DA0 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX - * 00430DA4 8B92 44310000 MOV EDX,DWORD PTR DS:[EDX+0x3144] - * 00430DAA 8BF8 MOV EDI,EAX - * 00430DAC 8BC1 MOV EAX,ECX - * 00430DAE 83C4 04 ADD ESP,0x4 - * 00430DB1 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: the other game's access point - * 00430DB5 C1E9 02 SHR ECX,0x2 - * 00430DB8 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI] - * 00430DBA 8BC8 MOV ECX,EAX - * 00430DBC 8B5424 28 MOV EDX,DWORD PTR SS:[ESP+0x28] - * 00430DC0 83E1 03 AND ECX,0x3 - * 00430DC3 F3:A4 REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI] - * 00430DC5 8B4C24 2C MOV ECX,DWORD PTR SS:[ESP+0x2C] - * 00430DC9 8D4424 0C LEA EAX,DWORD PTR SS:[ESP+0xC] - * 00430DCD 51 PUSH ECX - * 00430DCE 52 PUSH EDX - * 00430DCF 50 PUSH EAX - * 00430DD0 E8 2503FDFF CALL .004010FA - * 00430DD5 83C4 0C ADD ESP,0xC - * 00430DD8 C74424 1C FFFFFF>MOV DWORD PTR SS:[ESP+0x1C],-0x1 - * 00430DE0 84C0 TEST AL,AL - * 00430DE2 8B4424 10 MOV EAX,DWORD PTR SS:[ESP+0x10] - * 00430DE6 895C24 0C MOV DWORD PTR SS:[ESP+0xC],EBX - * 00430DEA 74 21 JE SHORT .00430E0D - * 00430DEC 3BC3 CMP EAX,EBX - * 00430DEE 74 09 JE SHORT .00430DF9 - * 00430DF0 50 PUSH EAX - * 00430DF1 E8 A6830000 CALL .0043919C - * 00430DF6 83C4 04 ADD ESP,0x4 - * 00430DF9 5F POP EDI - * 00430DFA 5E POP ESI - * 00430DFB B0 01 MOV AL,0x1 - * 00430DFD 5B POP EBX - * 00430DFE 8B4C24 08 MOV ECX,DWORD PTR SS:[ESP+0x8] - * 00430E02 64:890D 00000000 MOV DWORD PTR FS:[0],ECX - * 00430E09 83C4 14 ADD ESP,0x14 - * 00430E0C C3 RETN - * 00430E0D 3BC3 CMP EAX,EBX - * 00430E0F 74 09 JE SHORT .00430E1A - * 00430E11 50 PUSH EAX - * 00430E12 E8 85830000 CALL .0043919C - * 00430E17 83C4 04 ADD ESP,0x4 - * 00430E1A 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+0x14] - * 00430E1E 5F POP EDI - * 00430E1F 5E POP ESI - * 00430E20 32C0 XOR AL,AL - * 00430E22 5B POP EBX - * 00430E23 64:890D 00000000 MOV DWORD PTR FS:[0],ECX - * 00430E2A 83C4 14 ADD ESP,0x14 - * 00430E2D C3 RETN - * 00430E2E 90 NOP - * 00430E2F 90 NOP - * 00430E30 CC INT3 - * 00430E31 CC INT3 - * 00430E32 CC INT3 - * 00430E33 CC INT3 - * 00430E34 CC INT3 - */ -bool isLeadByteChar(const char *s) - { - return dynsjis::isleadstr(s); - //return ::IsDBCSLeadByte(HIBYTE(testChar)); - } -bool attach(ULONG startAddress, ULONG stopAddress,ULONG dyna) -{ - const uint8_t bytes[] = { - 0x8d,0x74,0x32, 0x04, // 0042fc21 8d7432 04 lea esi,dword ptr ds:[edx+esi+0x4] - 0xc1,0xe9, 0x02, // 0042fc25 c1e9 02 shr ecx,0x2 - 0xf3,0xa5 // 0042fc28 f3:a5 rep movs dword ptr es:[edi],dword ptr ds[esi] ; jichi: text accessed here from esi to edi - }; - ULONG addr2 = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); - if (!addr2) - return false; - - // 0042FBF9 50 PUSH EAX ; jichi: hook1, text length pushed, new function - // 0042FBFA 894424 10 MOV DWORD PTR SS:[ESP+0x10],EAX ; jichi: text length, is this the memory allocation? - // 0042FBFE E8 1F840000 CALL lcsebody.00438022 - // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here - // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here - // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] - // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX - // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: base addr, [[0x4A23E8] + 0x2944] - // 0042FC1A 8BF8 MOV EDI,EAX - // 0042FC1C 8BC1 MOV EAX,ECX - // 0042FC1E 83C4 04 ADD ESP,0x4 - // - // 0042FC21 8D7432 04 LEA ESI,DWORD PTR DS:[EDX+ESI+0x4] ; jichi: hook2, text in esi - // 0042FC25 C1E9 02 SHR ECX,0x2 ; jichi: ecx is now the count, here, the rep function is blocked by 4 for performance - // 0042FC28 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS[ESI] ; jichi: text accessed here from esi to edi - ULONG addr1 = addr2 + 0x0042fbf9 - 0x0042fc21; - if (*(BYTE *)addr1 != 0x50) // push_eax - return false; - - // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] ; jichi: text here - // 0042FC09 8B4C24 10 MOV ECX,DWORD PTR SS:[ESP+0x10] ; jichi: count is here - // 0042FC0D 8B76 04 MOV ESI,DWORD PTR DS:[ESI+0x4] ; jichi: [arg1+4] - // 0042FC10 894424 14 MOV DWORD PTR SS:[ESP+0x14],EAX - // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] ; jichi: offset addr, [[0x4A23E8] + 0x2944] - { - ULONG addr = addr2 + 0x0042fc03 - 0x0042fc21; - if (*(WORD *)addr != 0x158b) // 0042FC03 8B15 E8234A00 MOV EDX,DWORD PTR DS:[0x4A23E8] - return false; - addr += 2; - Private::textBaseAddress_ = *(DWORD *)addr; - } - { - ULONG addr = addr2 + 0x0042fc14 - 0x0042fc21; - if (*(WORD *)addr != 0x928b) // 0042FC14 8B92 44290000 MOV EDX,DWORD PTR DS:[EDX+0x2944] - return false; - addr += 2; - Private::textOffset_ = *(DWORD *)addr; - } - HookParam hp; - hp.address=addr1; - hp.hook_before=Private::hook1; - hp.hook_after=Private::hookafter; - hp.type=EMBED_ABLE; - hp.newlineseperator=L"\x01"; - hp.hook_font=F_GetGlyphOutlineA; - if(dyna){ - static ULONG dynas; - dynas=dyna; - hp.type|=EMBED_DYNA_SJIS; - hp.hook_font=F_GetGlyphOutlineA; - patch_fun=[](){ - ReplaceFunction((PVOID*)&dynas, (PVOID)(ULONG)isLeadByteChar); - dynamiccodec->setMinimumSecondByte(6);//// skip 0x1,0x2,0x3 in case dynamic encoding could crash the game - }; - } - auto succ=NewHook(hp,"EmbedLCSE"); - hp.address=addr2+4; - hp.hook_before=Private::hook2; - hp.type=EMBED_ABLE|HOOK_EMPTY; - succ|=NewHook(hp,"EmbedLCSE"); - return succ; -} -} // namespace ScenarioHook - -namespace Patch { - -namespace Private { - bool isLeadByteChar(const char *s) - { - return dynsjis::isleadstr(s); - //return ::IsDBCSLeadByte(HIBYTE(testChar)); - } - -} // namespace Private - -/** - * Sample game: 春恋*乙女~乙女の園でごきげんよう。~ - * - * Debugging method: Find text in memory, and then insert hardware breakpoint. - * It will be accessed only ONCE in the following function. - * - * This function can also be found by searching the following instruction: - * 0040A389 3C 81 CMP AL,0x81 - * - * This function is very similar to that in CatSystem2. - * - * 0040A37E CC INT3 - * 0040A37F CC INT3 - * 0040A380 8B4C24 04 MOV ECX,DWORD PTR SS:[ESP+0x4] - * 0040A384 8A01 MOV AL,BYTE PTR DS:[ECX] ; jichi: first byte - * 0040A386 8A49 01 MOV CL,BYTE PTR DS:[ECX+0x1] ; jichi: second byte - * 0040A389 3C 81 CMP AL,0x81 - * 0040A38B 72 04 JB SHORT lcsebody.0040A391 - * 0040A38D 3C 9F CMP AL,0x9F - * 0040A38F 76 08 JBE SHORT lcsebody.0040A399 - * 0040A391 3C E0 CMP AL,0xE0 - * 0040A393 72 1B JB SHORT lcsebody.0040A3B0 - * 0040A395 3C FC CMP AL,0xFC - * 0040A397 77 17 JA SHORT lcsebody.0040A3B0 - * 0040A399 80F9 40 CMP CL,0x40 - * 0040A39C 72 05 JB SHORT lcsebody.0040A3A3 - * 0040A39E 80F9 7E CMP CL,0x7E - * 0040A3A1 76 0A JBE SHORT lcsebody.0040A3AD - * 0040A3A3 80F9 80 CMP CL,0x80 - * 0040A3A6 72 08 JB SHORT lcsebody.0040A3B0 - * 0040A3A8 80F9 FC CMP CL,0xFC - * 0040A3AB 77 03 JA SHORT lcsebody.0040A3B0 - * 0040A3AD B0 01 MOV AL,0x1 - * 0040A3AF C3 RETN - * 0040A3B0 32C0 XOR AL,AL - * 0040A3B2 C3 RETN - * 0040A3B3 90 NOP - * 0040A3B4 90 NOP - * 0040A3B5 90 NOP - * 0040A3B6 90 NOP - * - * This function is found by tracing the caller of GetGlyphOutlineA, as follows: - * - * 00416B6B CC INT3 - * 00416B6C CC INT3 - * 00416B6D CC INT3 - * 00416B6E CC INT3 - * 00416B6F CC INT3 - * 00416B70 83EC 08 SUB ESP,0x8 - * 00416B73 53 PUSH EBX - * 00416B74 56 PUSH ESI - * 00416B75 8BF1 MOV ESI,ECX - * 00416B77 33DB XOR EBX,EBX ; jichi: zero ebx - * 00416B79 57 PUSH EDI - * 00416B7A 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] - * 00416B80 8A9430 08010000 MOV DL,BYTE PTR DS:[EAX+ESI+0x108] ; jichi: byte accessed here - * 00416B87 8D8C30 08010000 LEA ECX,DWORD PTR DS:[EAX+ESI+0x108] ; jichi: byte accessed here - * 00416B8E 3AD3 CMP DL,BL ; jichi: bl is zero, dl is the current byte - * 00416B90 75 0C JNZ SHORT lcsebody.00416B9E - * 00416B92 B8 FF000000 MOV EAX,0xFF - * 00416B97 5F POP EDI - * 00416B98 5E POP ESI - * 00416B99 5B POP EBX - * 00416B9A 83C4 08 ADD ESP,0x8 - * 00416B9D C3 RETN - * 00416B9E 8B96 F0000000 MOV EDX,DWORD PTR DS:[ESI+0xF0] - * 00416BA4 4A DEC EDX - * 00416BA5 3BC2 CMP EAX,EDX - * 00416BA7 0F8D 31010000 JGE lcsebody.00416CDE - * 00416BAD 51 PUSH ECX - * 00416BAE E8 31B1FEFF CALL lcsebody.00401CE4 ; jichi: ecx point to the current character, return 0 or 1 - * 00416BB3 83C4 04 ADD ESP,0x4 - * 00416BB6 84C0 TEST AL,AL - * 00416BB8 0F84 20010000 JE lcsebody.00416CDE ; jichi: wrong here - * 00416BBE 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] - * 00416BC4 33C9 XOR ECX,ECX - * 00416BC6 03C6 ADD EAX,ESI - * 00416BC8 889E 20050000 MOV BYTE PTR DS:[ESI+0x520],BL - * 00416BCE 8AA8 08010000 MOV CH,BYTE PTR DS:[EAX+0x108] ; jichi: high bits - * 00416BD4 8A88 09010000 MOV CL,BYTE PTR DS:[EAX+0x109] - * 00416BDA 8BF9 MOV EDI,ECX ; jichi: low bits, edi is now the full character - * 00416BDC 8BCE MOV ECX,ESI ; jichi: recover ecx to esi - * 00416BDE E8 13AEFEFF CALL lcsebody.004019F6 ; jichi: eax is zero when edi is legal - * 00416BE3 3BC3 CMP EAX,EBX ; jichi: ebx is always zero as well - * 00416BE5 74 4A JE SHORT lcsebody.00416C31 - * 00416BE7 389E 2C050000 CMP BYTE PTR DS:[ESI+0x52C],BL - * 00416BED 0F84 9A020000 JE lcsebody.00416E8D - * 00416BF3 389E 20050000 CMP BYTE PTR DS:[ESI+0x520],BL - * 00416BF9 74 1B JE SHORT lcsebody.00416C16 - * 00416BFB B9 34F14800 MOV ECX,lcsebody.0048F134 - * 00416C00 3B39 CMP EDI,DWORD PTR DS:[ECX] - * 00416C02 74 2D JE SHORT lcsebody.00416C31 - * 00416C04 83C1 04 ADD ECX,0x4 - * 00416C07 81F9 50F14800 CMP ECX,lcsebody.0048F150 - * 00416C0D ^7C F1 JL SHORT lcsebody.00416C00 - * 00416C0F 5F POP EDI - * 00416C10 5E POP ESI - * 00416C11 5B POP EBX - * 00416C12 83C4 08 ADD ESP,0x8 - * 00416C15 C3 RETN - * 00416C16 B9 00F14800 MOV ECX,lcsebody.0048F100 - * 00416C1B 3B39 CMP EDI,DWORD PTR DS:[ECX] - * 00416C1D 74 12 JE SHORT lcsebody.00416C31 - * 00416C1F 83C1 04 ADD ECX,0x4 - * 00416C22 81F9 34F14800 CMP ECX,lcsebody.0048F134 - * 00416C28 ^7C F1 JL SHORT lcsebody.00416C1B - * 00416C2A 5F POP EDI - * 00416C2B 5E POP ESI - * 00416C2C 5B POP EBX - * 00416C2D 83C4 08 ADD ESP,0x8 - * 00416C30 C3 RETN - * 00416C31 8A8E 20050000 MOV CL,BYTE PTR DS:[ESI+0x520] - * 00416C37 3ACB CMP CL,BL - * 00416C39 74 15 JE SHORT lcsebody.00416C50 - * 00416C3B B8 70F14800 MOV EAX,lcsebody.0048F170 - * 00416C40 3B38 CMP EDI,DWORD PTR DS:[EAX] - * 00416C42 74 21 JE SHORT lcsebody.00416C65 - * 00416C44 83C0 04 ADD EAX,0x4 - * 00416C47 3D 7CF14800 CMP EAX,lcsebody.0048F17C - * 00416C4C ^7C F2 JL SHORT lcsebody.00416C40 - * 00416C4E EB 1B JMP SHORT lcsebody.00416C6B - * 00416C50 B8 50F14800 MOV EAX,lcsebody.0048F150 - * 00416C55 3B38 CMP EDI,DWORD PTR DS:[EAX] ; jichi: compare current wide character with a threshold (0x8169 = "(") - * 00416C57 74 0C JE SHORT lcsebody.00416C65 - * 00416C59 83C0 04 ADD EAX,0x4 - * 00416C5C 3D 70F14800 CMP EAX,lcsebody.0048F170 - * 00416C61 ^7C F2 JL SHORT lcsebody.00416C55 - * 00416C63 EB 06 JMP SHORT lcsebody.00416C6B - * 00416C65 FF86 24050000 INC DWORD PTR DS:[ESI+0x524] - * 00416C6B 3ACB CMP CL,BL - * 00416C6D 74 15 JE SHORT lcsebody.00416C84 - * 00416C6F B8 9CF14800 MOV EAX,lcsebody.0048F19C - * 00416C74 3B38 CMP EDI,DWORD PTR DS:[EAX] - * 00416C76 74 21 JE SHORT lcsebody.00416C99 - * 00416C78 83C0 04 ADD EAX,0x4 - * 00416C7B 3D A8F14800 CMP EAX,lcsebody.0048F1A8 - * 00416C80 ^7C F2 JL SHORT lcsebody.00416C74 - * 00416C82 EB 2A JMP SHORT lcsebody.00416CAE - * 00416C84 B8 7CF14800 MOV EAX,lcsebody.0048F17C - * 00416C89 3B38 CMP EDI,DWORD PTR DS:[EAX] - * 00416C8B 74 0C JE SHORT lcsebody.00416C99 - * 00416C8D 83C0 04 ADD EAX,0x4 - * 00416C90 3D 9CF14800 CMP EAX,lcsebody.0048F19C - * 00416C95 ^7C F2 JL SHORT lcsebody.00416C89 - * 00416C97 EB 15 JMP SHORT lcsebody.00416CAE - * 00416C99 8B86 24050000 MOV EAX,DWORD PTR DS:[ESI+0x524] - * 00416C9F 48 DEC EAX - * 00416CA0 8986 24050000 MOV DWORD PTR DS:[ESI+0x524],EAX - * 00416CA6 79 06 JNS SHORT lcsebody.00416CAE - * 00416CA8 899E 24050000 MOV DWORD PTR DS:[ESI+0x524],EBX - * 00416CAE 57 PUSH EDI - * 00416CAF 8BCE MOV ECX,ESI - * 00416CB1 E8 20A5FEFF CALL lcsebody.004011D6 - * 00416CB6 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] - * 00416CBC 8A9430 08010000 MOV DL,BYTE PTR DS:[EAX+ESI+0x108] - * 00416CC3 83C0 02 ADD EAX,0x2 - * 00416CC6 885424 0C MOV BYTE PTR SS:[ESP+0xC],DL - * 00416CCA 8A8C30 07010000 MOV CL,BYTE PTR DS:[EAX+ESI+0x107] - * 00416CD1 884C24 0D MOV BYTE PTR SS:[ESP+0xD],CL - * 00416CD5 885C24 0E MOV BYTE PTR SS:[ESP+0xE],BL - * 00416CD9 E9 77010000 JMP lcsebody.00416E55 - * 00416CDE 8B96 EC000000 MOV EDX,DWORD PTR DS:[ESI+0xEC] - * 00416CE4 C686 20050000 01 MOV BYTE PTR DS:[ESI+0x520],0x1 - * 00416CEB 8A8C16 08010000 MOV CL,BYTE PTR DS:[ESI+EDX+0x108] - * 00416CF2 8D8416 08010000 LEA EAX,DWORD PTR DS:[ESI+EDX+0x108] - * 00416CF9 80F9 1F CMP CL,0x1F - * 00416CFC 77 54 JA SHORT lcsebody.00416D52 - * 00416CFE 80F9 03 CMP CL,0x3 - * 00416D01 75 06 JNZ SHORT lcsebody.00416D09 - * 00416D03 899E 28050000 MOV DWORD PTR DS:[ESI+0x528],EBX - * 00416D09 8A00 MOV AL,BYTE PTR DS:[EAX] - * 00416D0B 83EC 0C SUB ESP,0xC - * 00416D0E 8D5424 18 LEA EDX,DWORD PTR SS:[ESP+0x18] - * 00416D12 8BCC MOV ECX,ESP - * 00416D14 896424 1C MOV DWORD PTR SS:[ESP+0x1C],ESP - * 00416D18 8DBE FC000000 LEA EDI,DWORD PTR DS:[ESI+0xFC] - * 00416D1E 52 PUSH EDX - * 00416D1F 51 PUSH ECX - * 00416D20 8BCF MOV ECX,EDI - * 00416D22 884424 20 MOV BYTE PTR SS:[ESP+0x20],AL - * 00416D26 885C24 21 MOV BYTE PTR SS:[ESP+0x21],BL - * 00416D2A E8 D0A8FEFF CALL lcsebody.004015FF - * 00416D2F 8BCF MOV ECX,EDI - * 00416D31 E8 A1A8FEFF CALL lcsebody.004015D7 - * 00416D36 8B8E EC000000 MOV ECX,DWORD PTR DS:[ESI+0xEC] - * 00416D3C 0FBE8431 0801000> MOVSX EAX,BYTE PTR DS:[ECX+ESI+0x108] - * 00416D44 41 INC ECX - * 00416D45 898E EC000000 MOV DWORD PTR DS:[ESI+0xEC],ECX - * 00416D4B 5F POP EDI - * 00416D4C 5E POP ESI - * 00416D4D 5B POP EBX - * 00416D4E 83C4 08 ADD ESP,0x8 - * 00416D51 C3 RETN - * 00416D52 8BCE MOV ECX,ESI - * 00416D54 E8 9DACFEFF CALL lcsebody.004019F6 - * 00416D59 3BC3 CMP EAX,EBX - * 00416D5B 74 4A JE SHORT lcsebody.00416DA7 - * 00416D5D 389E 2C050000 CMP BYTE PTR DS:[ESI+0x52C],BL - * 00416D63 0F84 24010000 JE lcsebody.00416E8D - * 00416D69 389E 20050000 CMP BYTE PTR DS:[ESI+0x520],BL - * 00416D6F 74 1B JE SHORT lcsebody.00416D8C - * 00416D71 B9 34F14800 MOV ECX,lcsebody.0048F134 - * 00416D76 3919 CMP DWORD PTR DS:[ECX],EBX - * 00416D78 74 2D JE SHORT lcsebody.00416DA7 - * 00416D7A 83C1 04 ADD ECX,0x4 - * 00416D7D 81F9 50F14800 CMP ECX,lcsebody.0048F150 - * 00416D83 ^7C F1 JL SHORT lcsebody.00416D76 - * 00416D85 5F POP EDI - * 00416D86 5E POP ESI - * 00416D87 5B POP EBX - * 00416D88 83C4 08 ADD ESP,0x8 - * 00416D8B C3 RETN - * 00416D8C B9 00F14800 MOV ECX,lcsebody.0048F100 - * 00416D91 3919 CMP DWORD PTR DS:[ECX],EBX - * 00416D93 74 12 JE SHORT lcsebody.00416DA7 - * 00416D95 83C1 04 ADD ECX,0x4 - * 00416D98 81F9 34F14800 CMP ECX,lcsebody.0048F134 - * 00416D9E ^7C F1 JL SHORT lcsebody.00416D91 - * 00416DA0 5F POP EDI - * 00416DA1 5E POP ESI - * 00416DA2 5B POP EBX - * 00416DA3 83C4 08 ADD ESP,0x8 - * 00416DA6 C3 RETN - * 00416DA7 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] - * 00416DAD 8A96 20050000 MOV DL,BYTE PTR DS:[ESI+0x520] - * 00416DB3 0FBEBC06 08010000 MOVSX EDI,BYTE PTR DS:[ESI+EAX+0x108] ; jichi: edi get assigned to the illegal character - * 00416DBB 8BCF MOV ECX,EDI - * 00416DBD C1E1 08 SHL ECX,0x8 - * 00416DC0 3AD3 CMP DL,BL - * 00416DC2 74 15 JE SHORT lcsebody.00416DD9 - * 00416DC4 B8 70F14800 MOV EAX,lcsebody.0048F170 - * 00416DC9 3B08 CMP ECX,DWORD PTR DS:[EAX] - * 00416DCB 74 21 JE SHORT lcsebody.00416DEE - * 00416DCD 83C0 04 ADD EAX,0x4 - * 00416DD0 3D 7CF14800 CMP EAX,lcsebody.0048F17C - * 00416DD5 ^7C F2 JL SHORT lcsebody.00416DC9 - * 00416DD7 EB 1B JMP SHORT lcsebody.00416DF4 - * 00416DD9 B8 50F14800 MOV EAX,lcsebody.0048F150 - * 00416DDE 3B08 CMP ECX,DWORD PTR DS:[EAX] - * 00416DE0 74 0C JE SHORT lcsebody.00416DEE - * 00416DE2 83C0 04 ADD EAX,0x4 - * 00416DE5 3D 70F14800 CMP EAX,lcsebody.0048F170 - * 00416DEA ^7C F2 JL SHORT lcsebody.00416DDE - * 00416DEC EB 06 JMP SHORT lcsebody.00416DF4 - * 00416DEE FF86 24050000 INC DWORD PTR DS:[ESI+0x524] - * 00416DF4 3AD3 CMP DL,BL - * 00416DF6 74 15 JE SHORT lcsebody.00416E0D - * 00416DF8 B8 9CF14800 MOV EAX,lcsebody.0048F19C - * 00416DFD 3B08 CMP ECX,DWORD PTR DS:[EAX] - * 00416DFF 74 21 JE SHORT lcsebody.00416E22 - * 00416E01 83C0 04 ADD EAX,0x4 - * 00416E04 3D A8F14800 CMP EAX,lcsebody.0048F1A8 - * 00416E09 ^7C F2 JL SHORT lcsebody.00416DFD - * 00416E0B EB 2A JMP SHORT lcsebody.00416E37 - * 00416E0D B8 7CF14800 MOV EAX,lcsebody.0048F17C - * 00416E12 3B08 CMP ECX,DWORD PTR DS:[EAX] - * 00416E14 74 0C JE SHORT lcsebody.00416E22 - * 00416E16 83C0 04 ADD EAX,0x4 - * 00416E19 3D 9CF14800 CMP EAX,lcsebody.0048F19C - * 00416E1E ^7C F2 JL SHORT lcsebody.00416E12 - * 00416E20 EB 15 JMP SHORT lcsebody.00416E37 - * 00416E22 8B86 24050000 MOV EAX,DWORD PTR DS:[ESI+0x524] - * 00416E28 48 DEC EAX - * 00416E29 8986 24050000 MOV DWORD PTR DS:[ESI+0x524],EAX - * 00416E2F 79 06 JNS SHORT lcsebody.00416E37 - * 00416E31 899E 24050000 MOV DWORD PTR DS:[ESI+0x524],EBX - * 00416E37 57 PUSH EDI ; jichi: invalid character - * 00416E38 8BCE MOV ECX,ESI - * 00416E3A E8 97A3FEFF CALL lcsebody.004011D6 ; jichi: char in arg1 - * 00416E3F 8B86 EC000000 MOV EAX,DWORD PTR DS:[ESI+0xEC] - */ - -ULONG patchEncoding(ULONG startAddress, ULONG stopAddress) -{ - const uint8_t bytes[] = { - 0x8b,0x4c,0x24, 0x04, // 0040a380 8b4c24 04 mov ecx,dword ptr ss:[esp+0x4] - 0x8a,0x01, // 0040a384 8a01 mov al,byte ptr ds:[ecx] - 0x8a,0x49, 0x01, // 0040a386 8a49 01 mov cl,byte ptr ds:[ecx+0x1] - 0x3c, 0x81 // 0040a389 3c 81 cmp al,0x81 - }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); - return addr;// && winhook::replace_fun(addr, (ULONG)Private::isLeadByteChar); -} - -} // namespace Patch + } // namespace Patch } // unnamed namespace bool LCScript::attach_function() -{ - - if (!ScenarioHook::attach(processStartAddress, processStopAddress,Patch::patchEncoding(processStartAddress, processStopAddress))) +{ + + if (!ScenarioHook::attach(processStartAddress, processStopAddress, Patch::patchEncoding(processStartAddress, processStopAddress))) return false; - + return true; } \ No newline at end of file diff --git a/LunaHook/pchhook.h b/LunaHook/pchhook.h index f093660..184fb6e 100644 --- a/LunaHook/pchhook.h +++ b/LunaHook/pchhook.h @@ -21,7 +21,6 @@ enum #include "disasm/disasm.h" #include "engine.h" #include "embed_util.h" -#include "detours.h" #include "hijackfuns.h" #include "Lang/Lang.h" diff --git a/libs/Detours-4.0.1/include/detours.h b/libs/Detours-4.0.1/include/detours.h deleted file mode 100644 index fe7acf1..0000000 --- a/libs/Detours-4.0.1/include/detours.h +++ /dev/null @@ -1,1059 +0,0 @@ -///////////////////////////////////////////////////////////////////////////// -// -// Core Detours Functionality (detours.h of detours.lib) -// -// Microsoft Research Detours Package, Version 4.0.1 -// -// Copyright (c) Microsoft Corporation. All rights reserved. -// - -#pragma once -#ifndef _DETOURS_H_ -#define _DETOURS_H_ - -#define DETOURS_VERSION 0x4c0c1 // 0xMAJORcMINORcPATCH - -////////////////////////////////////////////////////////////////////////////// -// - -#undef DETOURS_X64 -#undef DETOURS_X86 -#undef DETOURS_IA64 -#undef DETOURS_ARM -#undef DETOURS_ARM64 -#undef DETOURS_BITS -#undef DETOURS_32BIT -#undef DETOURS_64BIT - -#if defined(_X86_) -#define DETOURS_X86 -#define DETOURS_OPTION_BITS 64 - -#elif defined(_AMD64_) -#define DETOURS_X64 -#define DETOURS_OPTION_BITS 32 - -#elif defined(_IA64_) -#define DETOURS_IA64 -#define DETOURS_OPTION_BITS 32 - -#elif defined(_ARM_) -#define DETOURS_ARM - -#elif defined(_ARM64_) -#define DETOURS_ARM64 - -#else -#error Unknown architecture (x86, amd64, ia64, arm, arm64) -#endif - -#ifdef _WIN64 -#undef DETOURS_32BIT -#define DETOURS_64BIT 1 -#define DETOURS_BITS 64 -// If all 64bit kernels can run one and only one 32bit architecture. -//#define DETOURS_OPTION_BITS 32 -#else -#define DETOURS_32BIT 1 -#undef DETOURS_64BIT -#define DETOURS_BITS 32 -// If all 64bit kernels can run one and only one 32bit architecture. -//#define DETOURS_OPTION_BITS 32 -#endif - -#define VER_DETOURS_BITS DETOUR_STRINGIFY(DETOURS_BITS) - -////////////////////////////////////////////////////////////////////////////// -// - -#if (_MSC_VER < 1299) -typedef LONG LONG_PTR; -typedef ULONG ULONG_PTR; -#endif - -///////////////////////////////////////////////// SAL 2.0 Annotations w/o SAL. -// -// These definitions are include so that Detours will build even if the -// compiler doesn't have full SAL 2.0 support. -// -#ifndef DETOURS_DONT_REMOVE_SAL_20 - -#ifdef DETOURS_TEST_REMOVE_SAL_20 -#undef _Analysis_assume_ -#undef _Benign_race_begin_ -#undef _Benign_race_end_ -#undef _Field_range_ -#undef _Field_size_ -#undef _In_ -#undef _In_bytecount_ -#undef _In_count_ -#undef _In_opt_ -#undef _In_opt_bytecount_ -#undef _In_opt_count_ -#undef _In_opt_z_ -#undef _In_range_ -#undef _In_reads_ -#undef _In_reads_bytes_ -#undef _In_reads_opt_ -#undef _In_reads_opt_bytes_ -#undef _In_reads_or_z_ -#undef _In_z_ -#undef _Inout_ -#undef _Inout_opt_ -#undef _Inout_z_count_ -#undef _Out_ -#undef _Out_opt_ -#undef _Out_writes_ -#undef _Outptr_result_maybenull_ -#undef _Readable_bytes_ -#undef _Success_ -#undef _Writable_bytes_ -#undef _Pre_notnull_ -#endif - -#if defined(_Deref_out_opt_z_) && !defined(_Outptr_result_maybenull_) -#define _Outptr_result_maybenull_ _Deref_out_opt_z_ -#endif - -#if defined(_In_count_) && !defined(_In_reads_) -#define _In_reads_(x) _In_count_(x) -#endif - -#if defined(_In_opt_count_) && !defined(_In_reads_opt_) -#define _In_reads_opt_(x) _In_opt_count_(x) -#endif - -#if defined(_In_opt_bytecount_) && !defined(_In_reads_opt_bytes_) -#define _In_reads_opt_bytes_(x) _In_opt_bytecount_(x) -#endif - -#if defined(_In_bytecount_) && !defined(_In_reads_bytes_) -#define _In_reads_bytes_(x) _In_bytecount_(x) -#endif - -#ifndef _In_ -#define _In_ -#endif - -#ifndef _In_bytecount_ -#define _In_bytecount_(x) -#endif - -#ifndef _In_count_ -#define _In_count_(x) -#endif - -#ifndef _In_opt_ -#define _In_opt_ -#endif - -#ifndef _In_opt_bytecount_ -#define _In_opt_bytecount_(x) -#endif - -#ifndef _In_opt_count_ -#define _In_opt_count_(x) -#endif - -#ifndef _In_opt_z_ -#define _In_opt_z_ -#endif - -#ifndef _In_range_ -#define _In_range_(x,y) -#endif - -#ifndef _In_reads_ -#define _In_reads_(x) -#endif - -#ifndef _In_reads_bytes_ -#define _In_reads_bytes_(x) -#endif - -#ifndef _In_reads_opt_ -#define _In_reads_opt_(x) -#endif - -#ifndef _In_reads_opt_bytes_ -#define _In_reads_opt_bytes_(x) -#endif - -#ifndef _In_reads_or_z_ -#define _In_reads_or_z_ -#endif - -#ifndef _In_z_ -#define _In_z_ -#endif - -#ifndef _Inout_ -#define _Inout_ -#endif - -#ifndef _Inout_opt_ -#define _Inout_opt_ -#endif - -#ifndef _Inout_z_count_ -#define _Inout_z_count_(x) -#endif - -#ifndef _Out_ -#define _Out_ -#endif - -#ifndef _Out_opt_ -#define _Out_opt_ -#endif - -#ifndef _Out_writes_ -#define _Out_writes_(x) -#endif - -#ifndef _Outptr_result_maybenull_ -#define _Outptr_result_maybenull_ -#endif - -#ifndef _Writable_bytes_ -#define _Writable_bytes_(x) -#endif - -#ifndef _Readable_bytes_ -#define _Readable_bytes_(x) -#endif - -#ifndef _Success_ -#define _Success_(x) -#endif - -#ifndef _Pre_notnull_ -#define _Pre_notnull_ -#endif - -#ifdef DETOURS_INTERNAL - -#pragma warning(disable:4615) // unknown warning type (suppress with older compilers) - -#ifndef _Benign_race_begin_ -#define _Benign_race_begin_ -#endif - -#ifndef _Benign_race_end_ -#define _Benign_race_end_ -#endif - -#ifndef _Field_size_ -#define _Field_size_(x) -#endif - -#ifndef _Field_range_ -#define _Field_range_(x,y) -#endif - -#ifndef _Analysis_assume_ -#define _Analysis_assume_(x) -#endif - -#endif // DETOURS_INTERNAL -#endif // DETOURS_DONT_REMOVE_SAL_20 - -////////////////////////////////////////////////////////////////////////////// -// -#ifndef GUID_DEFINED -#define GUID_DEFINED -typedef struct _GUID -{ - DWORD Data1; - WORD Data2; - WORD Data3; - BYTE Data4[ 8 ]; -} GUID; - -#ifdef INITGUID -#define DEFINE_GUID(name, l, w1, w2, b1, b2, b3, b4, b5, b6, b7, b8) \ - const GUID name \ - = { l, w1, w2, { b1, b2, b3, b4, b5, b6, b7, b8 } } -#else -#define DEFINE_GUID(name, l, w1, w2, b1, b2, b3, b4, b5, b6, b7, b8) \ - const GUID name -#endif // INITGUID -#endif // !GUID_DEFINED - -#if defined(__cplusplus) -#ifndef _REFGUID_DEFINED -#define _REFGUID_DEFINED -#define REFGUID const GUID & -#endif // !_REFGUID_DEFINED -#else // !__cplusplus -#ifndef _REFGUID_DEFINED -#define _REFGUID_DEFINED -#define REFGUID const GUID * const -#endif // !_REFGUID_DEFINED -#endif // !__cplusplus - -#ifndef ARRAYSIZE -#define ARRAYSIZE(x) (sizeof(x)/sizeof(x[0])) -#endif - -// -////////////////////////////////////////////////////////////////////////////// - -#ifdef __cplusplus -extern "C" { -#endif // __cplusplus - -/////////////////////////////////////////////////// Instruction Target Macros. -// -#define DETOUR_INSTRUCTION_TARGET_NONE ((PVOID)0) -#define DETOUR_INSTRUCTION_TARGET_DYNAMIC ((PVOID)(LONG_PTR)-1) -#define DETOUR_SECTION_HEADER_SIGNATURE 0x00727444 // "Dtr\0" - -extern const GUID DETOUR_EXE_RESTORE_GUID; -extern const GUID DETOUR_EXE_HELPER_GUID; - -#define DETOUR_TRAMPOLINE_SIGNATURE 0x21727444 // Dtr! -typedef struct _DETOUR_TRAMPOLINE DETOUR_TRAMPOLINE, *PDETOUR_TRAMPOLINE; - -/////////////////////////////////////////////////////////// Binary Structures. -// -#pragma pack(push, 8) -typedef struct _DETOUR_SECTION_HEADER -{ - DWORD cbHeaderSize; - DWORD nSignature; - DWORD nDataOffset; - DWORD cbDataSize; - - DWORD nOriginalImportVirtualAddress; - DWORD nOriginalImportSize; - DWORD nOriginalBoundImportVirtualAddress; - DWORD nOriginalBoundImportSize; - - DWORD nOriginalIatVirtualAddress; - DWORD nOriginalIatSize; - DWORD nOriginalSizeOfImage; - DWORD cbPrePE; - - DWORD nOriginalClrFlags; - DWORD reserved1; - DWORD reserved2; - DWORD reserved3; - - // Followed by cbPrePE bytes of data. -} DETOUR_SECTION_HEADER, *PDETOUR_SECTION_HEADER; - -typedef struct _DETOUR_SECTION_RECORD -{ - DWORD cbBytes; - DWORD nReserved; - GUID guid; -} DETOUR_SECTION_RECORD, *PDETOUR_SECTION_RECORD; - -typedef struct _DETOUR_CLR_HEADER -{ - // Header versioning - ULONG cb; - USHORT MajorRuntimeVersion; - USHORT MinorRuntimeVersion; - - // Symbol table and startup information - IMAGE_DATA_DIRECTORY MetaData; - ULONG Flags; - - // Followed by the rest of the IMAGE_COR20_HEADER -} DETOUR_CLR_HEADER, *PDETOUR_CLR_HEADER; - -typedef struct _DETOUR_EXE_RESTORE -{ - DWORD cb; - DWORD cbidh; - DWORD cbinh; - DWORD cbclr; - - PBYTE pidh; - PBYTE pinh; - PBYTE pclr; - - IMAGE_DOS_HEADER idh; - union { - IMAGE_NT_HEADERS inh; - IMAGE_NT_HEADERS32 inh32; - IMAGE_NT_HEADERS64 inh64; - BYTE raw[sizeof(IMAGE_NT_HEADERS64) + - sizeof(IMAGE_SECTION_HEADER) * 32]; - }; - DETOUR_CLR_HEADER clr; - -} DETOUR_EXE_RESTORE, *PDETOUR_EXE_RESTORE; - -typedef struct _DETOUR_EXE_HELPER -{ - DWORD cb; - DWORD pid; - DWORD nDlls; - CHAR rDlls[4]; -} DETOUR_EXE_HELPER, *PDETOUR_EXE_HELPER; - -#pragma pack(pop) - -#define DETOUR_SECTION_HEADER_DECLARE(cbSectionSize) \ -{ \ - sizeof(DETOUR_SECTION_HEADER),\ - DETOUR_SECTION_HEADER_SIGNATURE,\ - sizeof(DETOUR_SECTION_HEADER),\ - (cbSectionSize),\ - \ - 0,\ - 0,\ - 0,\ - 0,\ - \ - 0,\ - 0,\ - 0,\ - 0,\ -} - -/////////////////////////////////////////////////////////////// Helper Macros. -// -#define DETOURS_STRINGIFY(x) DETOURS_STRINGIFY_(x) -#define DETOURS_STRINGIFY_(x) #x - -///////////////////////////////////////////////////////////// Binary Typedefs. -// -typedef BOOL (CALLBACK *PF_DETOUR_BINARY_BYWAY_CALLBACK)( - _In_opt_ PVOID pContext, - _In_opt_ LPCSTR pszFile, - _Outptr_result_maybenull_ LPCSTR *ppszOutFile); - -typedef BOOL (CALLBACK *PF_DETOUR_BINARY_FILE_CALLBACK)( - _In_opt_ PVOID pContext, - _In_ LPCSTR pszOrigFile, - _In_ LPCSTR pszFile, - _Outptr_result_maybenull_ LPCSTR *ppszOutFile); - -typedef BOOL (CALLBACK *PF_DETOUR_BINARY_SYMBOL_CALLBACK)( - _In_opt_ PVOID pContext, - _In_ ULONG nOrigOrdinal, - _In_ ULONG nOrdinal, - _Out_ ULONG *pnOutOrdinal, - _In_opt_ LPCSTR pszOrigSymbol, - _In_opt_ LPCSTR pszSymbol, - _Outptr_result_maybenull_ LPCSTR *ppszOutSymbol); - -typedef BOOL (CALLBACK *PF_DETOUR_BINARY_COMMIT_CALLBACK)( - _In_opt_ PVOID pContext); - -typedef BOOL (CALLBACK *PF_DETOUR_ENUMERATE_EXPORT_CALLBACK)(_In_opt_ PVOID pContext, - _In_ ULONG nOrdinal, - _In_opt_ LPCSTR pszName, - _In_opt_ PVOID pCode); - -typedef BOOL (CALLBACK *PF_DETOUR_IMPORT_FILE_CALLBACK)(_In_opt_ PVOID pContext, - _In_opt_ HMODULE hModule, - _In_opt_ LPCSTR pszFile); - -typedef BOOL (CALLBACK *PF_DETOUR_IMPORT_FUNC_CALLBACK)(_In_opt_ PVOID pContext, - _In_ DWORD nOrdinal, - _In_opt_ LPCSTR pszFunc, - _In_opt_ PVOID pvFunc); - -// Same as PF_DETOUR_IMPORT_FUNC_CALLBACK but extra indirection on last parameter. -typedef BOOL (CALLBACK *PF_DETOUR_IMPORT_FUNC_CALLBACK_EX)(_In_opt_ PVOID pContext, - _In_ DWORD nOrdinal, - _In_opt_ LPCSTR pszFunc, - _In_opt_ PVOID* ppvFunc); - -typedef VOID * PDETOUR_BINARY; -typedef VOID * PDETOUR_LOADED_BINARY; - -//////////////////////////////////////////////////////////// Transaction APIs. -// -LONG WINAPI DetourTransactionBegin(VOID); -LONG WINAPI DetourTransactionAbort(VOID); -LONG WINAPI DetourTransactionCommit(VOID); -LONG WINAPI DetourTransactionCommitEx(_Out_opt_ PVOID **pppFailedPointer); - -LONG WINAPI DetourUpdateThread(_In_ HANDLE hThread); - -LONG WINAPI DetourAttach(_Inout_ PVOID *ppPointer, - _In_ PVOID pDetour); - -LONG WINAPI DetourAttachEx(_Inout_ PVOID *ppPointer, - _In_ PVOID pDetour, - _Out_opt_ PDETOUR_TRAMPOLINE *ppRealTrampoline, - _Out_opt_ PVOID *ppRealTarget, - _Out_opt_ PVOID *ppRealDetour); - -LONG WINAPI DetourDetach(_Inout_ PVOID *ppPointer, - _In_ PVOID pDetour); - -BOOL WINAPI DetourSetIgnoreTooSmall(_In_ BOOL fIgnore); -BOOL WINAPI DetourSetRetainRegions(_In_ BOOL fRetain); -PVOID WINAPI DetourSetSystemRegionLowerBound(_In_ PVOID pSystemRegionLowerBound); -PVOID WINAPI DetourSetSystemRegionUpperBound(_In_ PVOID pSystemRegionUpperBound); - -////////////////////////////////////////////////////////////// Code Functions. -// -PVOID WINAPI DetourFindFunction(_In_ LPCSTR pszModule, - _In_ LPCSTR pszFunction); -PVOID WINAPI DetourCodeFromPointer(_In_ PVOID pPointer, - _Out_opt_ PVOID *ppGlobals); -PVOID WINAPI DetourCopyInstruction(_In_opt_ PVOID pDst, - _Inout_opt_ PVOID *ppDstPool, - _In_ PVOID pSrc, - _Out_opt_ PVOID *ppTarget, - _Out_opt_ LONG *plExtra); -BOOL WINAPI DetourSetCodeModule(_In_ HMODULE hModule, - _In_ BOOL fLimitReferencesToModule); - -///////////////////////////////////////////////////// Loaded Binary Functions. -// -HMODULE WINAPI DetourGetContainingModule(_In_ PVOID pvAddr); -HMODULE WINAPI DetourEnumerateModules(_In_opt_ HMODULE hModuleLast); -PVOID WINAPI DetourGetEntryPoint(_In_opt_ HMODULE hModule); -ULONG WINAPI DetourGetModuleSize(_In_opt_ HMODULE hModule); -BOOL WINAPI DetourEnumerateExports(_In_ HMODULE hModule, - _In_opt_ PVOID pContext, - _In_ PF_DETOUR_ENUMERATE_EXPORT_CALLBACK pfExport); -BOOL WINAPI DetourEnumerateImports(_In_opt_ HMODULE hModule, - _In_opt_ PVOID pContext, - _In_opt_ PF_DETOUR_IMPORT_FILE_CALLBACK pfImportFile, - _In_opt_ PF_DETOUR_IMPORT_FUNC_CALLBACK pfImportFunc); - -BOOL WINAPI DetourEnumerateImportsEx(_In_opt_ HMODULE hModule, - _In_opt_ PVOID pContext, - _In_opt_ PF_DETOUR_IMPORT_FILE_CALLBACK pfImportFile, - _In_opt_ PF_DETOUR_IMPORT_FUNC_CALLBACK_EX pfImportFuncEx); - -_Writable_bytes_(*pcbData) -_Readable_bytes_(*pcbData) -_Success_(return != NULL) -PVOID WINAPI DetourFindPayload(_In_opt_ HMODULE hModule, - _In_ REFGUID rguid, - _Out_ DWORD *pcbData); - -_Writable_bytes_(*pcbData) -_Readable_bytes_(*pcbData) -_Success_(return != NULL) -PVOID WINAPI DetourFindPayloadEx(_In_ REFGUID rguid, - _Out_ DWORD * pcbData); - -DWORD WINAPI DetourGetSizeOfPayloads(_In_opt_ HMODULE hModule); - -///////////////////////////////////////////////// Persistent Binary Functions. -// - -PDETOUR_BINARY WINAPI DetourBinaryOpen(_In_ HANDLE hFile); - -_Writable_bytes_(*pcbData) -_Readable_bytes_(*pcbData) -_Success_(return != NULL) -PVOID WINAPI DetourBinaryEnumeratePayloads(_In_ PDETOUR_BINARY pBinary, - _Out_opt_ GUID *pGuid, - _Out_ DWORD *pcbData, - _Inout_ DWORD *pnIterator); - -_Writable_bytes_(*pcbData) -_Readable_bytes_(*pcbData) -_Success_(return != NULL) -PVOID WINAPI DetourBinaryFindPayload(_In_ PDETOUR_BINARY pBinary, - _In_ REFGUID rguid, - _Out_ DWORD *pcbData); - -PVOID WINAPI DetourBinarySetPayload(_In_ PDETOUR_BINARY pBinary, - _In_ REFGUID rguid, - _In_reads_opt_(cbData) PVOID pData, - _In_ DWORD cbData); -BOOL WINAPI DetourBinaryDeletePayload(_In_ PDETOUR_BINARY pBinary, _In_ REFGUID rguid); -BOOL WINAPI DetourBinaryPurgePayloads(_In_ PDETOUR_BINARY pBinary); -BOOL WINAPI DetourBinaryResetImports(_In_ PDETOUR_BINARY pBinary); -BOOL WINAPI DetourBinaryEditImports(_In_ PDETOUR_BINARY pBinary, - _In_opt_ PVOID pContext, - _In_opt_ PF_DETOUR_BINARY_BYWAY_CALLBACK pfByway, - _In_opt_ PF_DETOUR_BINARY_FILE_CALLBACK pfFile, - _In_opt_ PF_DETOUR_BINARY_SYMBOL_CALLBACK pfSymbol, - _In_opt_ PF_DETOUR_BINARY_COMMIT_CALLBACK pfCommit); -BOOL WINAPI DetourBinaryWrite(_In_ PDETOUR_BINARY pBinary, _In_ HANDLE hFile); -BOOL WINAPI DetourBinaryClose(_In_ PDETOUR_BINARY pBinary); - -/////////////////////////////////////////////////// Create Process & Load Dll. -// -typedef BOOL (WINAPI *PDETOUR_CREATE_PROCESS_ROUTINEA)( - _In_opt_ LPCSTR lpApplicationName, - _Inout_opt_ LPSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOA lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation); - -typedef BOOL (WINAPI *PDETOUR_CREATE_PROCESS_ROUTINEW)( - _In_opt_ LPCWSTR lpApplicationName, - _Inout_opt_ LPWSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCWSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOW lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation); - -BOOL WINAPI DetourCreateProcessWithDllA(_In_opt_ LPCSTR lpApplicationName, - _Inout_opt_ LPSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOA lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation, - _In_ LPCSTR lpDllName, - _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); - -BOOL WINAPI DetourCreateProcessWithDllW(_In_opt_ LPCWSTR lpApplicationName, - _Inout_opt_ LPWSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCWSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOW lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation, - _In_ LPCSTR lpDllName, - _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); - -#ifdef UNICODE -#define DetourCreateProcessWithDll DetourCreateProcessWithDllW -#define PDETOUR_CREATE_PROCESS_ROUTINE PDETOUR_CREATE_PROCESS_ROUTINEW -#else -#define DetourCreateProcessWithDll DetourCreateProcessWithDllA -#define PDETOUR_CREATE_PROCESS_ROUTINE PDETOUR_CREATE_PROCESS_ROUTINEA -#endif // !UNICODE - -BOOL WINAPI DetourCreateProcessWithDllExA(_In_opt_ LPCSTR lpApplicationName, - _Inout_opt_ LPSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOA lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation, - _In_ LPCSTR lpDllName, - _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); - -BOOL WINAPI DetourCreateProcessWithDllExW(_In_opt_ LPCWSTR lpApplicationName, - _Inout_opt_ LPWSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCWSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOW lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation, - _In_ LPCSTR lpDllName, - _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); - -#ifdef UNICODE -#define DetourCreateProcessWithDllEx DetourCreateProcessWithDllExW -#else -#define DetourCreateProcessWithDllEx DetourCreateProcessWithDllExA -#endif // !UNICODE - -BOOL WINAPI DetourCreateProcessWithDllsA(_In_opt_ LPCSTR lpApplicationName, - _Inout_opt_ LPSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOA lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation, - _In_ DWORD nDlls, - _In_reads_(nDlls) LPCSTR *rlpDlls, - _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); - -BOOL WINAPI DetourCreateProcessWithDllsW(_In_opt_ LPCWSTR lpApplicationName, - _Inout_opt_ LPWSTR lpCommandLine, - _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, - _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, - _In_ BOOL bInheritHandles, - _In_ DWORD dwCreationFlags, - _In_opt_ LPVOID lpEnvironment, - _In_opt_ LPCWSTR lpCurrentDirectory, - _In_ LPSTARTUPINFOW lpStartupInfo, - _Out_ LPPROCESS_INFORMATION lpProcessInformation, - _In_ DWORD nDlls, - _In_reads_(nDlls) LPCSTR *rlpDlls, - _In_opt_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); - -#ifdef UNICODE -#define DetourCreateProcessWithDlls DetourCreateProcessWithDllsW -#else -#define DetourCreateProcessWithDlls DetourCreateProcessWithDllsA -#endif // !UNICODE - -BOOL WINAPI DetourProcessViaHelperA(_In_ DWORD dwTargetPid, - _In_ LPCSTR lpDllName, - _In_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); - -BOOL WINAPI DetourProcessViaHelperW(_In_ DWORD dwTargetPid, - _In_ LPCSTR lpDllName, - _In_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); - -#ifdef UNICODE -#define DetourProcessViaHelper DetourProcessViaHelperW -#else -#define DetourProcessViaHelper DetourProcessViaHelperA -#endif // !UNICODE - -BOOL WINAPI DetourProcessViaHelperDllsA(_In_ DWORD dwTargetPid, - _In_ DWORD nDlls, - _In_reads_(nDlls) LPCSTR *rlpDlls, - _In_ PDETOUR_CREATE_PROCESS_ROUTINEA pfCreateProcessA); - -BOOL WINAPI DetourProcessViaHelperDllsW(_In_ DWORD dwTargetPid, - _In_ DWORD nDlls, - _In_reads_(nDlls) LPCSTR *rlpDlls, - _In_ PDETOUR_CREATE_PROCESS_ROUTINEW pfCreateProcessW); - -#ifdef UNICODE -#define DetourProcessViaHelperDlls DetourProcessViaHelperDllsW -#else -#define DetourProcessViaHelperDlls DetourProcessViaHelperDllsA -#endif // !UNICODE - -BOOL WINAPI DetourUpdateProcessWithDll(_In_ HANDLE hProcess, - _In_reads_(nDlls) LPCSTR *rlpDlls, - _In_ DWORD nDlls); - -BOOL WINAPI DetourUpdateProcessWithDllEx(_In_ HANDLE hProcess, - _In_ HMODULE hImage, - _In_ BOOL bIs32Bit, - _In_reads_(nDlls) LPCSTR *rlpDlls, - _In_ DWORD nDlls); - -BOOL WINAPI DetourCopyPayloadToProcess(_In_ HANDLE hProcess, - _In_ REFGUID rguid, - _In_reads_bytes_(cbData) PVOID pvData, - _In_ DWORD cbData); -BOOL WINAPI DetourRestoreAfterWith(VOID); -BOOL WINAPI DetourRestoreAfterWithEx(_In_reads_bytes_(cbData) PVOID pvData, - _In_ DWORD cbData); -BOOL WINAPI DetourIsHelperProcess(VOID); -VOID CALLBACK DetourFinishHelperProcess(_In_ HWND, - _In_ HINSTANCE, - _In_ LPSTR, - _In_ INT); - -// -////////////////////////////////////////////////////////////////////////////// -#ifdef __cplusplus -} -#endif // __cplusplus - -//////////////////////////////////////////////// Detours Internal Definitions. -// -#ifdef __cplusplus -#ifdef DETOURS_INTERNAL - -#define NOTHROW -// #define NOTHROW (nothrow) - -////////////////////////////////////////////////////////////////////////////// -// -#if (_MSC_VER < 1299) -#include -typedef IMAGEHLP_MODULE IMAGEHLP_MODULE64; -typedef PIMAGEHLP_MODULE PIMAGEHLP_MODULE64; -typedef IMAGEHLP_SYMBOL SYMBOL_INFO; -typedef PIMAGEHLP_SYMBOL PSYMBOL_INFO; - -static inline -LONG InterlockedCompareExchange(_Inout_ LONG *ptr, _In_ LONG nval, _In_ LONG oval) -{ - return (LONG)::InterlockedCompareExchange((PVOID*)ptr, (PVOID)nval, (PVOID)oval); -} -#else -#pragma warning(push) -#pragma warning(disable:4091) // empty typedef -#include -#pragma warning(pop) -#endif - -#ifdef IMAGEAPI // defined by DBGHELP.H -typedef LPAPI_VERSION (NTAPI *PF_ImagehlpApiVersionEx)(_In_ LPAPI_VERSION AppVersion); - -typedef BOOL (NTAPI *PF_SymInitialize)(_In_ HANDLE hProcess, - _In_opt_ LPCSTR UserSearchPath, - _In_ BOOL fInvadeProcess); -typedef DWORD (NTAPI *PF_SymSetOptions)(_In_ DWORD SymOptions); -typedef DWORD (NTAPI *PF_SymGetOptions)(VOID); -typedef DWORD64 (NTAPI *PF_SymLoadModule64)(_In_ HANDLE hProcess, - _In_opt_ HANDLE hFile, - _In_ LPSTR ImageName, - _In_opt_ LPSTR ModuleName, - _In_ DWORD64 BaseOfDll, - _In_opt_ DWORD SizeOfDll); -typedef BOOL (NTAPI *PF_SymGetModuleInfo64)(_In_ HANDLE hProcess, - _In_ DWORD64 qwAddr, - _Out_ PIMAGEHLP_MODULE64 ModuleInfo); -typedef BOOL (NTAPI *PF_SymFromName)(_In_ HANDLE hProcess, - _In_ LPSTR Name, - _Out_ PSYMBOL_INFO Symbol); - -typedef struct _DETOUR_SYM_INFO -{ - HANDLE hProcess; - HMODULE hDbgHelp; - PF_ImagehlpApiVersionEx pfImagehlpApiVersionEx; - PF_SymInitialize pfSymInitialize; - PF_SymSetOptions pfSymSetOptions; - PF_SymGetOptions pfSymGetOptions; - PF_SymLoadModule64 pfSymLoadModule64; - PF_SymGetModuleInfo64 pfSymGetModuleInfo64; - PF_SymFromName pfSymFromName; -} DETOUR_SYM_INFO, *PDETOUR_SYM_INFO; - -PDETOUR_SYM_INFO DetourLoadImageHlp(VOID); - -#endif // IMAGEAPI - -#if defined(_INC_STDIO) && !defined(_CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS) -#error detours.h must be included before stdio.h (or at least define _CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS earlier) -#endif -#define _CRT_STDIO_ARBITRARY_WIDE_SPECIFIERS 1 - -#ifndef DETOUR_TRACE -#if DETOUR_DEBUG -#define DETOUR_TRACE(x) printf x -#define DETOUR_BREAK() __debugbreak() -#include -#include -#else -#define DETOUR_TRACE(x) -#define DETOUR_BREAK() -#endif -#endif - -#if 1 || defined(DETOURS_IA64) - -// -// IA64 instructions are 41 bits, 3 per bundle, plus 5 bit bundle template => 128 bits per bundle. -// - -#define DETOUR_IA64_INSTRUCTIONS_PER_BUNDLE (3) - -#define DETOUR_IA64_TEMPLATE_OFFSET (0) -#define DETOUR_IA64_TEMPLATE_SIZE (5) - -#define DETOUR_IA64_INSTRUCTION_SIZE (41) -#define DETOUR_IA64_INSTRUCTION0_OFFSET (DETOUR_IA64_TEMPLATE_SIZE) -#define DETOUR_IA64_INSTRUCTION1_OFFSET (DETOUR_IA64_TEMPLATE_SIZE + DETOUR_IA64_INSTRUCTION_SIZE) -#define DETOUR_IA64_INSTRUCTION2_OFFSET (DETOUR_IA64_TEMPLATE_SIZE + DETOUR_IA64_INSTRUCTION_SIZE + DETOUR_IA64_INSTRUCTION_SIZE) - -C_ASSERT(DETOUR_IA64_TEMPLATE_SIZE + DETOUR_IA64_INSTRUCTIONS_PER_BUNDLE * DETOUR_IA64_INSTRUCTION_SIZE == 128); - -__declspec(align(16)) struct DETOUR_IA64_BUNDLE -{ - public: - union - { - BYTE data[16]; - UINT64 wide[2]; - }; - - enum { - A_UNIT = 1u, - I_UNIT = 2u, - M_UNIT = 3u, - B_UNIT = 4u, - F_UNIT = 5u, - L_UNIT = 6u, - X_UNIT = 7u, - }; - struct DETOUR_IA64_METADATA - { - ULONG nTemplate : 8; // Instruction template. - ULONG nUnit0 : 4; // Unit for slot 0 - ULONG nUnit1 : 4; // Unit for slot 1 - ULONG nUnit2 : 4; // Unit for slot 2 - }; - - protected: - static const DETOUR_IA64_METADATA s_rceCopyTable[33]; - - UINT RelocateBundle(_Inout_ DETOUR_IA64_BUNDLE* pDst, _Inout_opt_ DETOUR_IA64_BUNDLE* pBundleExtra) const; - - bool RelocateInstruction(_Inout_ DETOUR_IA64_BUNDLE* pDst, - _In_ BYTE slot, - _Inout_opt_ DETOUR_IA64_BUNDLE* pBundleExtra) const; - - // 120 112 104 96 88 80 72 64 56 48 40 32 24 16 8 0 - // f. e. d. c. b. a. 9. 8. 7. 6. 5. 4. 3. 2. 1. 0. - - // 00 - // f.e. d.c. b.a. 9.8. 7.6. 5.4. 3.2. 1.0. - // 0000 0000 0000 0000 0000 0000 0000 001f : Template [4..0] - // 0000 0000 0000 0000 0000 03ff ffff ffe0 : Zero [ 41.. 5] - // 0000 0000 0000 0000 0000 3c00 0000 0000 : Zero [ 45.. 42] - // 0000 0000 0007 ffff ffff c000 0000 0000 : One [ 82.. 46] - // 0000 0000 0078 0000 0000 0000 0000 0000 : One [ 86.. 83] - // 0fff ffff ff80 0000 0000 0000 0000 0000 : Two [123.. 87] - // f000 0000 0000 0000 0000 0000 0000 0000 : Two [127..124] - BYTE GetTemplate() const; - // Get 4 bit opcodes. - BYTE GetInst0() const; - BYTE GetInst1() const; - BYTE GetInst2() const; - BYTE GetUnit(BYTE slot) const; - BYTE GetUnit0() const; - BYTE GetUnit1() const; - BYTE GetUnit2() const; - // Get 37 bit data. - UINT64 GetData0() const; - UINT64 GetData1() const; - UINT64 GetData2() const; - - // Get/set the full 41 bit instructions. - UINT64 GetInstruction(BYTE slot) const; - UINT64 GetInstruction0() const; - UINT64 GetInstruction1() const; - UINT64 GetInstruction2() const; - void SetInstruction(BYTE slot, UINT64 instruction); - void SetInstruction0(UINT64 instruction); - void SetInstruction1(UINT64 instruction); - void SetInstruction2(UINT64 instruction); - - // Get/set bitfields. - static UINT64 GetBits(UINT64 Value, UINT64 Offset, UINT64 Count); - static UINT64 SetBits(UINT64 Value, UINT64 Offset, UINT64 Count, UINT64 Field); - - // Get specific read-only fields. - static UINT64 GetOpcode(UINT64 instruction); // 4bit opcode - static UINT64 GetX(UINT64 instruction); // 1bit opcode extension - static UINT64 GetX3(UINT64 instruction); // 3bit opcode extension - static UINT64 GetX6(UINT64 instruction); // 6bit opcode extension - - // Get/set specific fields. - static UINT64 GetImm7a(UINT64 instruction); - static UINT64 SetImm7a(UINT64 instruction, UINT64 imm7a); - static UINT64 GetImm13c(UINT64 instruction); - static UINT64 SetImm13c(UINT64 instruction, UINT64 imm13c); - static UINT64 GetSignBit(UINT64 instruction); - static UINT64 SetSignBit(UINT64 instruction, UINT64 signBit); - static UINT64 GetImm20a(UINT64 instruction); - static UINT64 SetImm20a(UINT64 instruction, UINT64 imm20a); - static UINT64 GetImm20b(UINT64 instruction); - static UINT64 SetImm20b(UINT64 instruction, UINT64 imm20b); - - static UINT64 SignExtend(UINT64 Value, UINT64 Offset); - - BOOL IsMovlGp() const; - - VOID SetInst(BYTE Slot, BYTE nInst); - VOID SetInst0(BYTE nInst); - VOID SetInst1(BYTE nInst); - VOID SetInst2(BYTE nInst); - VOID SetData(BYTE Slot, UINT64 nData); - VOID SetData0(UINT64 nData); - VOID SetData1(UINT64 nData); - VOID SetData2(UINT64 nData); - BOOL SetNop(BYTE Slot); - BOOL SetNop0(); - BOOL SetNop1(); - BOOL SetNop2(); - - public: - BOOL IsBrl() const; - VOID SetBrl(); - VOID SetBrl(UINT64 target); - UINT64 GetBrlTarget() const; - VOID SetBrlTarget(UINT64 target); - VOID SetBrlImm(UINT64 imm); - UINT64 GetBrlImm() const; - - UINT64 GetMovlGp() const; - VOID SetMovlGp(UINT64 gp); - - VOID SetStop(); - - UINT Copy(_Out_ DETOUR_IA64_BUNDLE *pDst, _Inout_opt_ DETOUR_IA64_BUNDLE* pBundleExtra = NULL) const; -}; -#endif // DETOURS_IA64 - -#ifdef DETOURS_ARM - -#define DETOURS_PFUNC_TO_PBYTE(p) ((PBYTE)(((ULONG_PTR)(p)) & ~(ULONG_PTR)1)) -#define DETOURS_PBYTE_TO_PFUNC(p) ((PBYTE)(((ULONG_PTR)(p)) | (ULONG_PTR)1)) - -#endif // DETOURS_ARM - -////////////////////////////////////////////////////////////////////////////// - -#ifdef __cplusplus -extern "C" { -#endif // __cplusplus - -#define DETOUR_OFFLINE_LIBRARY(x) \ -PVOID WINAPI DetourCopyInstruction##x(_In_opt_ PVOID pDst, \ - _Inout_opt_ PVOID *ppDstPool, \ - _In_ PVOID pSrc, \ - _Out_opt_ PVOID *ppTarget, \ - _Out_opt_ LONG *plExtra); \ - \ -BOOL WINAPI DetourSetCodeModule##x(_In_ HMODULE hModule, \ - _In_ BOOL fLimitReferencesToModule); \ - -DETOUR_OFFLINE_LIBRARY(X86) -DETOUR_OFFLINE_LIBRARY(X64) -DETOUR_OFFLINE_LIBRARY(ARM) -DETOUR_OFFLINE_LIBRARY(ARM64) -DETOUR_OFFLINE_LIBRARY(IA64) - -#undef DETOUR_OFFLINE_LIBRARY - -////////////////////////////////////////////////////////////////////////////// -// -// Helpers for manipulating page protection. -// - -_Success_(return != FALSE) -BOOL WINAPI DetourVirtualProtectSameExecuteEx(_In_ HANDLE hProcess, - _In_ PVOID pAddress, - _In_ SIZE_T nSize, - _In_ DWORD dwNewProtect, - _Out_ PDWORD pdwOldProtect); - -_Success_(return != FALSE) -BOOL WINAPI DetourVirtualProtectSameExecute(_In_ PVOID pAddress, - _In_ SIZE_T nSize, - _In_ DWORD dwNewProtect, - _Out_ PDWORD pdwOldProtect); -#ifdef __cplusplus -} -#endif // __cplusplus - -////////////////////////////////////////////////////////////////////////////// - -#define MM_ALLOCATION_GRANULARITY 0x10000 - -////////////////////////////////////////////////////////////////////////////// - -#endif // DETOURS_INTERNAL -#endif // __cplusplus - -#endif // _DETOURS_H_ -// -//////////////////////////////////////////////////////////////// End of File. diff --git a/libs/Detours-4.0.1/include/detver.h b/libs/Detours-4.0.1/include/detver.h deleted file mode 100644 index f0aae9b..0000000 --- a/libs/Detours-4.0.1/include/detver.h +++ /dev/null @@ -1,27 +0,0 @@ -////////////////////////////////////////////////////////////////////////////// -// -// Common version parameters. -// -// Microsoft Research Detours Package, Version 4.0.1 -// -// Copyright (c) Microsoft Corporation. All rights reserved. -// - -#define _USING_V110_SDK71_ 1 -#include "winver.h" -#if 0 -#include -#include -#else -#ifndef DETOURS_STRINGIFY -#define DETOURS_STRINGIFY(x) DETOURS_STRINGIFY_(x) -#define DETOURS_STRINGIFY_(x) #x -#endif - -#define VER_FILEFLAGSMASK 0x3fL -#define VER_FILEFLAGS 0x0L -#define VER_FILEOS 0x00040004L -#define VER_FILETYPE 0x00000002L -#define VER_FILESUBTYPE 0x00000000L -#endif -#define VER_DETOURS_BITS DETOUR_STRINGIFY(DETOURS_BITS) diff --git a/libs/Detours-4.0.1/include/syelog.h b/libs/Detours-4.0.1/include/syelog.h deleted file mode 100644 index 7cfa9f3..0000000 --- a/libs/Detours-4.0.1/include/syelog.h +++ /dev/null @@ -1,89 +0,0 @@ -////////////////////////////////////////////////////////////////////////////// -// -// Detours Test Program (syelog.h of syelog.lib) -// -// Microsoft Research Detours Package -// -// Copyright (c) Microsoft Corporation. All rights reserved. -// -#pragma once -#ifndef _SYELOGD_H_ -#define _SYELOGD_H_ -#include - -#pragma pack(push, 1) -#pragma warning(push) -#pragma warning(disable: 4200) - -////////////////////////////////////////////////////////////////////////////// -// -// -#define SYELOG_PIPE_NAMEA "\\\\.\\pipe\\syelog" -#define SYELOG_PIPE_NAMEW L"\\\\.\\pipe\\syelog" -#ifdef UNICODE -#define SYELOG_PIPE_NAME SYELOG_PIPE_NAMEW -#else -#define SYELOG_PIPE_NAME SYELOG_PIPE_NAMEA -#endif - -////////////////////////////////////////////////////////////////////////////// -// -#define SYELOG_MAXIMUM_MESSAGE 4086 // 4096 - sizeof(header stuff) - -typedef struct _SYELOG_MESSAGE -{ - USHORT nBytes; - BYTE nFacility; - BYTE nSeverity; - DWORD nProcessId; - FILETIME ftOccurance; - BOOL fTerminate; - CHAR szMessage[SYELOG_MAXIMUM_MESSAGE]; -} SYELOG_MESSAGE, *PSYELOG_MESSAGE; - - -// Facility Codes. -// -#define SYELOG_FACILITY_KERNEL 0x10 // OS Kernel -#define SYELOG_FACILITY_SECURITY 0x20 // OS Security -#define SYELOG_FACILITY_LOGGING 0x30 // OS Logging-internal -#define SYELOG_FACILITY_SERVICE 0x40 // User-mode system daemon -#define SYELOG_FACILITY_APPLICATION 0x50 // User-mode application -#define SYELOG_FACILITY_USER 0x60 // User self-generated. -#define SYELOG_FACILITY_LOCAL0 0x70 // Locally defined. -#define SYELOG_FACILITY_LOCAL1 0x71 // Locally defined. -#define SYELOG_FACILITY_LOCAL2 0x72 // Locally defined. -#define SYELOG_FACILITY_LOCAL3 0x73 // Locally defined. -#define SYELOG_FACILITY_LOCAL4 0x74 // Locally defined. -#define SYELOG_FACILITY_LOCAL5 0x75 // Locally defined. -#define SYELOG_FACILITY_LOCAL6 0x76 // Locally defined. -#define SYELOG_FACILITY_LOCAL7 0x77 // Locally defined. -#define SYELOG_FACILITY_LOCAL8 0x78 // Locally defined. -#define SYELOG_FACILITY_LOCAL9 0x79 // Locally defined. - -// Severity Codes. -// -#define SYELOG_SEVERITY_FATAL 0x00 // System is dead. -#define SYELOG_SEVERITY_ALERT 0x10 // Take action immediately. -#define SYELOG_SEVERITY_CRITICAL 0x20 // Critical condition. -#define SYELOG_SEVERITY_ERROR 0x30 // Error -#define SYELOG_SEVERITY_WARNING 0x40 // Warning -#define SYELOG_SEVERITY_NOTICE 0x50 // Significant condition. -#define SYELOG_SEVERITY_INFORMATION 0x60 // Informational -#define SYELOG_SEVERITY_AUDIT_FAIL 0x66 // Audit Failed -#define SYELOG_SEVERITY_AUDIT_PASS 0x67 // Audit Succeeeded -#define SYELOG_SEVERITY_DEBUG 0x70 // Debugging - -// Logging Functions. -// -VOID SyelogOpen(PCSTR pszIdentifier, BYTE nFacility); -VOID Syelog(BYTE nSeverity, PCSTR pszMsgf, ...); -VOID SyelogV(BYTE nSeverity, PCSTR pszMsgf, va_list args); -VOID SyelogClose(BOOL fTerminate); - -#pragma warning(pop) -#pragma pack(pop) - -#endif // _SYELOGD_H_ -// -///////////////////////////////////////////////////////////////// End of File. diff --git a/libs/Detours-4.0.1/lib.X64/detours.lib b/libs/Detours-4.0.1/lib.X64/detours.lib deleted file mode 100644 index 0804617..0000000 Binary files a/libs/Detours-4.0.1/lib.X64/detours.lib and /dev/null differ diff --git a/libs/Detours-4.0.1/lib.X64/syelog.lib b/libs/Detours-4.0.1/lib.X64/syelog.lib deleted file mode 100644 index f9b07e3..0000000 Binary files a/libs/Detours-4.0.1/lib.X64/syelog.lib and /dev/null differ diff --git a/libs/Detours-4.0.1/lib.X86/detours.lib b/libs/Detours-4.0.1/lib.X86/detours.lib deleted file mode 100644 index 895aaec..0000000 Binary files a/libs/Detours-4.0.1/lib.X86/detours.lib and /dev/null differ diff --git a/libs/Detours-4.0.1/lib.X86/syelog.lib b/libs/Detours-4.0.1/lib.X86/syelog.lib deleted file mode 100644 index c94661c..0000000 Binary files a/libs/Detours-4.0.1/lib.X86/syelog.lib and /dev/null differ diff --git a/libs/libs.cmake b/libs/libs.cmake index ddc5c92..4e9b368 100644 --- a/libs/libs.cmake +++ b/libs/libs.cmake @@ -1,18 +1,18 @@ if(${CMAKE_SIZEOF_VOID_P} EQUAL 8) - set(Detours ${CMAKE_CURRENT_LIST_DIR}/Detours-4.0.1/lib.X64/detours.lib) + #set(Detours ${CMAKE_CURRENT_LIST_DIR}/Detours-4.0.1/lib.X64/detours.lib) else() if(NOT DEFINED WINXP) set(YY_Thunks_for_WinXP) else() set(YY_Thunks_for_WinXP ${CMAKE_CURRENT_LIST_DIR}/YY-Thunks-1.0.7-Binary/objs/X86/YY_Thunks_for_WinXP.obj) endif() - set(Detours ${CMAKE_CURRENT_LIST_DIR}/Detours-4.0.1/lib.X86/detours.lib) + #set(Detours ${CMAKE_CURRENT_LIST_DIR}/Detours-4.0.1/lib.X86/detours.lib) endif() add_subdirectory(${CMAKE_CURRENT_LIST_DIR}/minhook) include_directories(${CMAKE_CURRENT_LIST_DIR}) -include_directories(${CMAKE_CURRENT_LIST_DIR}/Detours-4.0.1/include) +#include_directories(${CMAKE_CURRENT_LIST_DIR}/Detours-4.0.1/include)