diff --git a/vnr/ithsys/ithsys.cc b/vnr/ithsys/ithsys.cc index c3dd379..96a0af4 100644 --- a/vnr/ithsys/ithsys.cc +++ b/vnr/ithsys/ithsys.cc @@ -34,43 +34,6 @@ BYTE LeadByteTable[0x100] = { // - API functions - extern "C" { -int FillRange(LPCWSTR name, DWORD *lower, DWORD *upper) -{ - PLDR_DATA_TABLE_ENTRY it; - LIST_ENTRY *begin; - __asm - { - mov eax,fs:[0x30] - mov eax,[eax+0xc] - mov eax,[eax+0xc] - mov it,eax - mov begin,eax - } - - while (it->SizeOfImage) { - if (::_wcsicmp(it->BaseDllName.Buffer, name) == 0) { - *lower = *upper = (DWORD)it->DllBase; - MEMORY_BASIC_INFORMATION info = {}; - DWORD l,size; - size = 0; - do { - NtQueryVirtualMemory(NtCurrentProcess(), (LPVOID)(*upper), MemoryBasicInformation, &info, sizeof(info), &l); - if (info.Protect&PAGE_NOACCESS) { - it->SizeOfImage=size; - break; - } - size += info.RegionSize; - *upper += info.RegionSize; - } while (size < it->SizeOfImage); - return 1; - } - it = (PLDR_DATA_TABLE_ENTRY)it->InLoadOrderModuleList.Flink; - if (it->InLoadOrderModuleList.Flink == begin) - break; - } - return 0; -} - DWORD SearchPattern(DWORD base, DWORD base_length, LPCVOID search, DWORD search_length) // KMP { __asm diff --git a/vnr/ithsys/ithsys.h b/vnr/ithsys/ithsys.h index 4b06a94..2266c16 100644 --- a/vnr/ithsys/ithsys.h +++ b/vnr/ithsys/ithsys.h @@ -11,7 +11,6 @@ // jichi 8/24/2013: Why extern "C"? Any specific reason to use C instead of C++ naming? extern "C" { -int FillRange(LPCWSTR name,DWORD *lower, DWORD *upper); // jichi 10/1/2013: Return 0 if failed. So, it is ambiguous if the search pattern starts at 0 DWORD SearchPattern(DWORD base, DWORD base_length, LPCVOID search, DWORD search_length); // KMP diff --git a/vnr/vnrhook/src/engine/engine.cc b/vnr/vnrhook/src/engine/engine.cc index 99d2187..bd59208 100644 --- a/vnr/vnrhook/src/engine/engine.cc +++ b/vnr/vnrhook/src/engine/engine.cc @@ -117,13 +117,6 @@ char text_buffer_prev[0x1000]; DWORD buffer_index, buffer_length; -BOOL SafeFillRange(LPCWSTR dll, DWORD *lower, DWORD *upper) -{ - BOOL r = FALSE; - ITH_WITH_SEH(r = FillRange(dll, lower, upper)); - return r; -} - // jichi 3/11/2014: The original FindEntryAligned function could raise exceptions without admin priv DWORD SafeFindEntryAligned(DWORD start, DWORD back_range) { @@ -597,8 +590,8 @@ bool FindKiriKiriHook(DWORD fun, DWORD size, DWORD pt, DWORD flag) // jichi 10/2 bool InsertKiriKiriHook() // 9/20/2014 jichi: change return type to bool { - bool k1 = FindKiriKiriHook((DWORD)GetGlyphOutlineW, process_limit - process_base, process_base, 0), // KiriKiri1 - k2 = FindKiriKiriHook((DWORD)GetTextExtentPoint32W, process_limit - process_base, process_base, 1); // KiriKiri2 + bool k1 = FindKiriKiriHook((DWORD)GetGlyphOutlineW, processStopAddress - processStartAddress, processStartAddress, 0), // KiriKiri1 + k2 = FindKiriKiriHook((DWORD)GetTextExtentPoint32W, processStopAddress - processStartAddress, processStartAddress, 1); // KiriKiri2 //RegisterEngineType(ENGINE_KIRIKIRI); if (k1 && k2) { ConsoleOutput("vnreng:KiriKiri1: disable GDI hooks"); @@ -742,20 +735,20 @@ void SpecialHookKAGParserEx(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWOR } // unnamed namespace bool InsertKAGParserHook() { - ULONG startAddress, stopAddress; + ULONG processStartAddress, processStopAddress; if (!NtInspect::getModuleMemoryRange(L"KAGParser.dll", &startAddress, &stopAddress)) { ConsoleOutput("vnreng:KAGParser: failed to get memory range"); return false; } const wchar_t *patternString = L"[r]"; const size_t patternStringSize = ::wcslen(patternString) * 2; - ULONG addr = MemDbg::findBytes(patternString, patternStringSize, startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(patternString, patternStringSize, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:KAGParser: [r] global string not found"); return false; } // Find where it is used as function parameter - addr = MemDbg::findPushAddress(addr, startAddress, stopAddress); + addr = MemDbg::findPushAddress(addr, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:KAGParser: push address not found"); return false; @@ -782,20 +775,20 @@ bool InsertKAGParserHook() } bool InsertKAGParserExHook() { - ULONG startAddress, stopAddress; + ULONG processStartAddress, processStopAddress; if (!NtInspect::getModuleMemoryRange(L"KAGParserEx.dll", &startAddress, &stopAddress)) { ConsoleOutput("vnreng:KAGParserEx: failed to get memory range"); return false; } const wchar_t *patternString = L"[r]"; const size_t patternStringSize = ::wcslen(patternString) * 2; - ULONG addr = MemDbg::findBytes(patternString, patternStringSize, startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(patternString, patternStringSize, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:KAGParserEx: [r] global string not found"); return false; } // Find where it is used as function parameter - addr = MemDbg::findPushAddress(addr, startAddress, stopAddress); + addr = MemDbg::findPushAddress(addr, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:KAGParserEx: push address not found"); return false; @@ -1398,13 +1391,7 @@ bool KiriKiriZHook1(DWORD esp_base, HookParam *) bool InsertKiriKiriZHook1() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:KiriKiriZ1: failed to get memory range"); - return false; - } - - ULONG addr = MemDbg::findCallerAddressAfterInt3((DWORD)::GetGlyphOutlineW, startAddress, stopAddress); + ULONG addr = MemDbg::findCallerAddressAfterInt3((DWORD)::GetGlyphOutlineW, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:KiriKiriZ1: could not find caller of GetGlyphOutlineW"); return false; @@ -1434,8 +1421,8 @@ bool InsertKiriKiriZHook2() 0x33,0x4b, 0x10, // 0122813f 334b 10 xor ecx,dword ptr ds:[ebx+0x10] 0x0f,0xb7,0x43, 0x14 // 01228142 0fb743 14 movzx eax,word ptr ds:[ebx+0x14] }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(addr); if (!addr) { ConsoleOutput("vnreng:KiriKiriZ2: pattern not found"); @@ -1522,8 +1509,8 @@ bool InsertBGIDynamicHook(LPVOID addr, DWORD frame, DWORD stack) return false; } - DWORD i = *(DWORD *)(stack + 4) - process_base; - return FindBGIHook(i, process_limit - process_base, process_base, 0xec83); + DWORD i = *(DWORD *)(stack + 4) - processStartAddress; + return FindBGIHook(i, processStopAddress - processStartAddress, processStartAddress, 0xec83); } #endif // 0 @@ -1597,7 +1584,7 @@ bool InsertBGI1Hook() BYTE *ib; }; HookParam hp = {}; - for (i = process_base + 0x1000; i < process_limit; i++) { + for (i = processStartAddress + 0x1000; i < processStopAddress; i++) { if (ib[0] == 0x3d) { i++; if (id[0] == 0xffff) { //cmp eax,0xffff @@ -2007,8 +1994,8 @@ bool InsertBGI2Hook() //0x77, 0x6a // 011d4d3e |. 77 6a ja short sekachu.011d4daa }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(reladdr); if (!addr) { ConsoleOutput("vnreng:BGI2: pattern not found"); @@ -2052,7 +2039,7 @@ bool InsertBGI2Hook() hp.split = 4 * 8; // pseudo arg8 //hp.split = -0x18; - //GROWL_DWORD2(hp.address, process_base); + //GROWL_DWORD2(hp.address, processStartAddress); ConsoleOutput("vnreng: INSERT BGI2"); NewHook(hp, "BGI2"); @@ -2126,8 +2113,8 @@ bool InsertBGI3Hook() //0xc3 // 00e88e6f \. c3 retn }; //enum { addr_offset = 0 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //reladdr = 0x68e56; if (!addr) { ConsoleOutput("vnreng:BGI3: pattern not found"); @@ -2140,7 +2127,7 @@ bool InsertBGI3Hook() hp.split = -0x8; hp.address = addr; - //GROWL_DWORD2(hp.address, process_base); + //GROWL_DWORD2(hp.address, processStartAddress); ConsoleOutput("vnreng: INSERT BGI3"); NewHook(hp, "BGI3"); @@ -2335,8 +2322,8 @@ bool InsertSiglus3Hook() // 002667e1 c2 0c00 retn 0xc }; enum { addr_offset = sizeof(bytes) - 4 }; - ULONG range = max(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = max(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { //ConsoleOutput("Unknown SiglusEngine"); ConsoleOutput("vnreng:Siglus3: pattern not found"); @@ -2482,9 +2469,9 @@ bool InsertSiglus4Hook() // hook here }; enum { addr_offset = sizeof(bytes) + 4 }; // +4 for the call address - ULONG range = max(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); - //ULONG addr = process_base + 0x0018cf39; + ULONG range = max(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); + //ULONG addr = processStartAddress + 0x0018cf39; if (!addr) { //ConsoleOutput("Unknown SiglusEngine"); ConsoleOutput("vnreng:Siglus4: pattern not found"); @@ -2651,8 +2638,8 @@ void SpecialHookSiglus4(DWORD esp_base, HookParam *hp, BYTE, DWORD *data, DWORD } bool InsertSiglus4Hook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress + ULONG processStartAddress, processStopAddress; + if (!FillRange(processName,&startAddress, &stopAddress)) { // need accurate stopAddress ConsoleOutput("vnreng:Siglus4: failed to get memory range"); return false; } @@ -2674,7 +2661,7 @@ bool InsertSiglus4Hook() //0x8d,0x3c,0x00 // 0020f5cd 8d3c00 lea edi,dword ptr ds:[eax+eax] // // 0020f5d0 8b45 ec mov eax,dword ptr ss:[ebp-0x14] }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { //ConsoleOutput("Unknown SiglusEngine"); ConsoleOutput("vnreng:Siglus4: pattern not found"); @@ -3781,7 +3768,7 @@ bool InsertSiglus2Hook() //enum { cur_ins_size = 2 }; //enum { addr_offset = sizeof(bytes) - cur_ins_size }; // = 14 - 2 = 12, current inst is the last one - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); ULONG addr; { // type 1 const BYTE bytes[] = { @@ -3789,7 +3776,7 @@ bool InsertSiglus2Hook() 0x75,0x4b // jnz short }; //enum { addr_offset = 0 }; - addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (addr) ConsoleOutput("vnreng:Siglus2: type 1 pattern found"); } @@ -3799,7 +3786,7 @@ bool InsertSiglus2Hook() 0x81,0xfe, 0x0c,0x30,0x00,0x00 // 0114124a 81fe 0c300000 cmp esi,0x300c ; jichi: hook here }; //enum { addr_offset = 0 }; - addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (addr) ConsoleOutput("vnreng:Siglus2: type 2 pattern found"); } @@ -3843,8 +3830,8 @@ static void SpecialHookSiglus1(DWORD esp_base, HookParam *hp, BYTE, DWORD *data, bool InsertSiglus1Hook() { const BYTE bytes[] = {0x33,0xc0,0x8b,0xf9,0x89,0x7c,0x24}; - ULONG range = max(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = max(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { // jichi 8/17/2013: Add "== 0" check to prevent breaking new games //ConsoleOutput("Unknown SiglusEngine"); ConsoleOutput("vnreng:Siglus: pattern not found"); @@ -4111,12 +4098,6 @@ void SpecialHookMajiro(DWORD esp_base, HookParam *hp, BYTE, DWORD *data, DWORD * } // unnamed namespace bool InsertMajiroHook() { - // jichi 7/12/2014: Change to accurate memory ranges - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:Majiro: failed to get memory range"); - return false; - } // jichi 4/19/2014: There must be a function in Majiro game which contains 6 TextOutA. // That function draws all texts. // @@ -4126,8 +4107,8 @@ bool InsertMajiroHook() 0x83ec8b55 // mov ebp,esp, sub esp,* new majiro }; enum { FunctionCount = sizeof(funcs) / sizeof(*funcs) }; - ULONG addr = MemDbg::findMultiCallerAddress((ULONG)::TextOutA, funcs, FunctionCount, startAddress, stopAddress); - //ULONG addr = MemDbg::findCallerAddress((ULONG)::TextOutA, 0x83ec8b55, startAddress, stopAddress); + ULONG addr = MemDbg::findMultiCallerAddress((ULONG)::TextOutA, funcs, FunctionCount, processStartAddress, processStopAddress); + //ULONG addr = MemDbg::findCallerAddress((ULONG)::TextOutA, 0x83ec8b55, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Majiro: failed"); return false; @@ -4168,14 +4149,8 @@ namespace { // unnamed // It does not work for パ�プルソフトウェア games after しあわせ家族部 (2012) bool InsertCMVS1Hook() { - // jichi 7/12/2014: Change to accurate memory ranges - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:CMVS1: failed to get memory range"); - return false; - } enum { sub_esp = 0xec83 }; // caller pattern: sub esp = 0x83,0xec - ULONG addr = MemDbg::findCallerAddress((ULONG)::GetGlyphOutlineA, sub_esp, startAddress, stopAddress); + ULONG addr = MemDbg::findCallerAddress((ULONG)::GetGlyphOutlineA, sub_esp, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:CMVS1: failed"); return false; @@ -4293,8 +4268,8 @@ bool InsertCMVS2Hook() 0x74, 0x37 // 00449003 |. 74 37 je short cmvs32.0044903c }; enum { addr_offset = 3 }; // offset from the beginning of the function - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { ConsoleOutput("vnreng:CMVS2: pattern not found"); return false; @@ -4375,7 +4350,7 @@ bool InsertRUGP1Hook() LPVOID ch = (LPVOID)0x8140; enum { range = 0x20000 }; low = (DWORD)GetModuleHandleW(L"rvmm.dll"); - DWORD t = SearchPattern(low + range, process_limit, &ch, 4) + range; + DWORD t = SearchPattern(low + range, processStopAddress, &ch, 4) + range; BYTE *s = (BYTE *)(low + t); //if (t) { if (t != range) { // jichi 10/1/2013: Changed to compare with 0x20000 @@ -4525,7 +4500,7 @@ bool InsertRUGP2Hook() 0x89,0x75, 0x0c // 1001e527 8975 0c mov dword ptr ss:[ebp+0xc],esi }; enum { addr_offset = 0x1001e51d - 0x1001e515 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL_DWORD(addr); if (!addr) { ConsoleOutput("vnreng:rUGP2: pattern not found"); @@ -4764,12 +4739,12 @@ static bool InsertSystem43OldHook(ULONG startAddress, ULONG stopAddress, LPCSTR // 0xcc, 0xcc // patching a few int3 to make sure that this is at the end of the code block //}; //enum { addr_offset = -5 }; // the function call before the ins - //ULONG addr = process_base; //- sizeof(ins); + //ULONG addr = processStartAddress; //- sizeof(ins); ////addr = 0x5506a9; //enum { near_call = 0xe8 }; // intra-module function call //do { // //addr += sizeof(ins); // so that each time return diff address -- not needed - // ULONG range = min(process_limit - addr, MAX_REL_ADDR); + // ULONG range = min(processStopAddress - addr, MAX_REL_ADDR); // addr = MemDbg::findBytes(ins, sizeof(ins), addr, addr + range); // if (!addr) { // //ITH_MSG(L"failed"); @@ -4792,7 +4767,7 @@ static bool InsertSystem43OldHook(ULONG startAddress, ULONG stopAddress, LPCSTR 0xcc, 0xcc // patching a few int3 to make sure that this is at the end of the code block }; enum { addr_offset = 0 }; - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL_DWORD(addr); if (!addr) { ConsoleOutput("vnreng:System43: pattern not found"); @@ -5524,7 +5499,7 @@ static bool InsertSystem43NewHook(ULONG startAddress, ULONG stopAddress, LPCSTR 0xe8 //, XX4, // 004eeb44 e8 42dc1900 call .0068c78b }; enum { addr_offset = 0 }; - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL_DWORD(addr); if (!addr) { ConsoleOutput("vnreng:System43+: pattern not found"); @@ -5554,14 +5529,9 @@ bool InsertSystem43Hook() { //bool patched = Util::CheckFile(L"AliceRunPatch.dll"); bool patched = ::GetModuleHandleA("AliceRunPatch.dll"); - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { - ConsoleOutput("vnreng:System43: failed to get memory range"); - return false; - } // Insert new hook first - bool ok = InsertSystem43OldHook(startAddress, stopAddress, patched ? "AliceRunPatch43" : "System43"); - ok = InsertSystem43NewHook(startAddress, stopAddress, "System43+") || ok; + bool ok = InsertSystem43OldHook(processStartAddress, processStopAddress, patched ? "AliceRunPatch43" : "System43"); + ok = InsertSystem43NewHook(processStartAddress, processStopAddress, "System43+") || ok; return ok; } @@ -5579,17 +5549,17 @@ AtelierKaguya hook: ********************************************************************************************/ bool InsertAtelierHook() { - //SafeFillRange(process_name_, &base, &size); + //SafeFillRange(processName, &base, &size); //size=size-base; //DWORD sig = 0x40c683; // add esi,0x40 - //i=process_base+SearchPattern(process_base,process_limit-process_base,&sig,3); + //i=processStartAddress+SearchPattern(processStartAddress,processStopAddress-processStartAddress,&sig,3); DWORD i; - for (i = process_base; i < process_limit - 4; i++) { + for (i = processStartAddress; i < processStopAddress - 4; i++) { DWORD sig = *(DWORD *)i & 0xffffff; if (0x40c683 == sig) // add esi,0x40 break; } - if (i < process_limit - 4) + if (i < processStopAddress - 4) for (DWORD j=i-0x200; i>j; i--) if (*(DWORD *)i == 0xff6acccc) { // find the function entry HookParam hp = {}; @@ -5621,7 +5591,7 @@ CIRCUS hook: ********************************************************************************************/ bool InsertCircusHook1() // jichi 10/2/2013: Change return type to bool { - for (DWORD i = process_base + 0x1000; i < process_limit - 4; i++) + for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) if (*(WORD *)i == 0xa3c) //cmp al, 0xA; je for (DWORD j = i; j < i + 0x100; j++) { BYTE c = *(BYTE *)j; @@ -5629,7 +5599,7 @@ bool InsertCircusHook1() // jichi 10/2/2013: Change return type to bool break; if (c == 0xe8) { DWORD k = *(DWORD *)(j+1)+j+5; - if (k > process_base && k < process_limit) { + if (k > processStartAddress && k < processStopAddress) { HookParam hp = {}; hp.address = k; hp.offset = 0xc; @@ -5677,7 +5647,7 @@ bool InsertCircusHook1() // jichi 10/2/2013: Change return type to bool */ bool InsertCircusHook2() // jichi 10/2/2013: Change return type to bool { - for (DWORD i = process_base + 0x1000; i < process_limit -4; i++) + for (DWORD i = processStartAddress + 0x1000; i < processStopAddress -4; i++) if ((*(DWORD *)i & 0xffffff) == 0x75243c) { // cmp al, 24; je if (DWORD j = SafeFindEntryAligned(i, 0x80)) { HookParam hp = {}; @@ -5783,10 +5753,10 @@ int GetShinaRioVersion() int ret = 0; HANDLE hFile = CreateFileW(L"RIO.INI", FILE_READ_DATA, FILE_SHARE_READ, nullptr, FILE_OPEN, FILE_ATTRIBUTE_NORMAL, nullptr); if (hFile == INVALID_HANDLE_VALUE) { - size_t len = ::wcslen(process_name_); + size_t len = ::wcslen(processName); if (len > 3) { wchar_t fname[MAX_PATH]; - ::wcscpy(fname, process_name_); + ::wcscpy(fname, processName); fname[len -1] = 'i'; fname[len -2] = 'n'; fname[len -3] = 'i'; @@ -5845,7 +5815,7 @@ bool InsertShinaHook() hp.type = DATA_INDIRECT|USING_SPLIT; enum { sub_esp = 0xec81 }; // jichi: caller pattern: sub esp = 0x81,0xec - if (DWORD s = Util::FindCallAndEntryBoth((DWORD)GetTextExtentPoint32A, process_limit - process_base, process_base, sub_esp)) { + if (DWORD s = Util::FindCallAndEntryBoth((DWORD)GetTextExtentPoint32A, processStopAddress - processStartAddress, processStartAddress, sub_esp)) { ConsoleOutput("vnreng: INSERT ShinaRio <= 2.47 dynamic split"); hp.split = *(DWORD *)(s + 2) + 4; //RegisterEngineType(ENGINE_SHINA); @@ -5905,7 +5875,7 @@ bool InsertWaffleDynamicHook(LPVOID addr, DWORD frame, DWORD stack) DWORD *id; }; // jichi 9/30/2013: Fix the bug in ITH logic where j is uninitialized - for (i = process_base + 0x1000; i < process_limit - 4; i++) + for (i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) if (*id == handler && *(ib - 1) == 0x68) if (DWORD t = SafeFindEntryAligned(i, 0x40)) { HookParam hp = {}; @@ -5947,7 +5917,7 @@ bool InsertWaffleDynamicHook(LPVOID addr, DWORD frame, DWORD stack) // if (*(DWORD*)stack == -1) // { // retn = *(DWORD*)(stack + 4); -// if (retn > process_base && retn < process_limit) +// if (retn > processStartAddress && retn < processStopAddress) // { // HookParam hp = {}; // hp.address = retn + *(DWORD*)(retn - 4); @@ -5971,7 +5941,7 @@ bool InsertWaffleDynamicHook(LPVOID addr, DWORD frame, DWORD stack) */ void InsertWaffleHook() { - for (DWORD i = process_base + 0x1000; i < process_limit - 4; i++) + for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) if (*(DWORD *)i == 0xac68) { HookParam hp = {}; hp.address = i; @@ -6000,7 +5970,7 @@ void InsertTinkerBellHook() HookParam hp = {}; hp.length_offset = 1; hp.type = BIG_ENDIAN|NO_CONTEXT; - for (i = process_base; i< process_limit - 4; i++) { + for (i = processStartAddress; i< processStopAddress - 4; i++) { if (*(DWORD*)i == 0x8141) { BYTE t = *(BYTE*)(i - 1); if (t == 0x3d || t == 0x2d) { @@ -6028,27 +5998,27 @@ void InsertTinkerBellHook() ConsoleOutput("vnreng:TinkerBell: failed"); } -// s1=SearchPattern(process_base,process_limit-process_base-4,&ch,4); +// s1=SearchPattern(processStartAddress,processStopAddress-processStartAddress-4,&ch,4); // if (s1) // { // for (i=s1;i>s1-0x400;i--) // { -// if (*(WORD*)(process_base+i)==0xec83) +// if (*(WORD*)(processStartAddress+i)==0xec83) // { -// hp.address=process_base+i; +// hp.address=processStartAddress+i; // NewHook(hp, "C.System"); // break; // } // } // } -// s2=s1+SearchPattern(process_base+s1+4,process_limit-s1-8,&ch,4); +// s2=s1+SearchPattern(processStartAddress+s1+4,processStopAddress-s1-8,&ch,4); // if (s2) // { // for (i=s2;i>s2-0x400;i--) // { -// if (*(WORD*)(process_base+i)==0xec83) +// if (*(WORD*)(processStartAddress+i)==0xec83) // { -// hp.address=process_base+i; +// hp.address=processStartAddress+i; // NewHook(hp, "TinkerBell"); // break; // } @@ -6063,8 +6033,8 @@ bool InsertMBLHook() { enum : DWORD { fun = 0xec8b55 }; // jichi 10/20/2014: mov ebp,esp, sub esp,* bool ret = false; - if (DWORD c = Util::FindCallOrJmpAbs((DWORD)::ExtTextOutA, process_limit - process_base, process_base, true)) - if (DWORD addr = Util::FindCallAndEntryRel(c, process_limit - process_base, process_base, fun)) { + if (DWORD c = Util::FindCallOrJmpAbs((DWORD)::ExtTextOutA, processStopAddress - processStartAddress, processStartAddress, true)) + if (DWORD addr = Util::FindCallAndEntryRel(c, processStopAddress - processStartAddress, processStartAddress, fun)) { HookParam hp = {}; hp.address = addr; hp.offset = 4; @@ -6073,8 +6043,8 @@ bool InsertMBLHook() NewHook(hp, "MBL-Furigana"); ret = true; } - if (DWORD c = Util::FindCallOrJmpAbs((DWORD)::GetGlyphOutlineA, process_limit - process_base, process_base, true)) - if (DWORD addr = Util::FindCallAndEntryRel(c, process_limit - process_base, process_base, fun)) { + if (DWORD c = Util::FindCallOrJmpAbs((DWORD)::GetGlyphOutlineA, processStopAddress - processStartAddress, processStartAddress, true)) + if (DWORD addr = Util::FindCallAndEntryRel(c, processStopAddress - processStartAddress, processStartAddress, fun)) { HookParam hp = {}; hp.address = addr; hp.offset = 4; @@ -6140,19 +6110,19 @@ YU-RIS hook: static bool InsertYuris1Hook() { //IthBreak(); - DWORD entry = Util::FindCallAndEntryBoth((DWORD)TextOutA, process_limit - process_base, process_base, 0xec83); + DWORD entry = Util::FindCallAndEntryBoth((DWORD)TextOutA, processStopAddress - processStartAddress, processStartAddress, 0xec83); //GROWL_DWORD(entry); if (!entry) { ConsoleOutput("vnreng:YU-RIS: function entry does not exist"); return false; } - entry = Util::FindCallAndEntryRel(entry - 4, process_limit - process_base, process_base, 0xec83); + entry = Util::FindCallAndEntryRel(entry - 4, processStopAddress - processStartAddress, processStartAddress, 0xec83); //GROWL_DWORD(entry); if (!entry) { ConsoleOutput("vnreng:YU-RIS: function entry does not exist"); return false; } - entry = Util::FindCallOrJmpRel(entry - 4,process_limit - process_base - 0x10000, process_base + 0x10000, false); + entry = Util::FindCallOrJmpRel(entry - 4,processStopAddress - processStartAddress - 0x10000, processStartAddress + 0x10000, false); DWORD i, t = 0; //GROWL_DWORD(entry); @@ -6279,7 +6249,7 @@ static bool InsertYuris1Hook() */ static bool InsertYuris2Hook() { - ULONG addr = MemDbg::findCallAddress((ULONG)::TextOutA, process_base, process_limit); + ULONG addr = MemDbg::findCallAddress((ULONG)::TextOutA, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:YU-RIS2: failed"); return false; @@ -6317,14 +6287,8 @@ bool InsertYurisHook() bool InsertCotophaHook() { - // jichi 7/12/2014: Change to accurate memory ranges - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:Cotopha: failed to get memory range"); - return false; - } enum : DWORD { ins = 0xec8b55 }; // mov ebp,esp, sub esp,* ; jichi 7/12/2014 - ULONG addr = MemDbg::findCallerAddress((ULONG)::GetTextMetricsA, ins, startAddress, stopAddress); + ULONG addr = MemDbg::findCallerAddress((ULONG)::GetTextMetricsA, ins, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Cotopha: pattern not exist"); return false; @@ -6485,9 +6449,9 @@ static void SpecialHookCatSystem3(DWORD esp_base, HookParam *, BYTE, DWORD *data bool InsertCatSystemHook() { //DWORD search=0x95EB60F; - //DWORD j,i=SearchPattern(process_base,process_limit-process_base,&search,4); + //DWORD j,i=SearchPattern(processStartAddress,processStopAddress-processStartAddress,&search,4); //if (i==0) return; - //i+=process_base; + //i+=processStartAddress; //for (j=i-0x100;i>j;i--) // if (*(DWORD*)i==0xcccccccc) break; //if (i==j) return; @@ -6499,15 +6463,9 @@ bool InsertCatSystemHook() //hp.type =BIG_ENDIAN|DATA_INDIRECT|USING_SPLIT|SPLIT_INDIRECT; //hp.length_offset=1; - // jichi 7/12/2014: Change to accurate memory ranges - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:CatSystem2: failed to get memory range"); - return false; - } enum { beg = 0xff6acccc }; // jichi 7/12/2014: beginning of the function enum { addr_offset = 2 }; // skip two leading 0xcc - ULONG addr = MemDbg::findCallerAddress((ULONG)::GetTextMetricsA, beg, startAddress, stopAddress); + ULONG addr = MemDbg::findCallerAddress((ULONG)::GetTextMetricsA, beg, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:CatSystem2: pattern not exist"); return false; @@ -6537,7 +6495,7 @@ bool InsertCatSystemHook() bool InsertNitroplusHook() { const BYTE bytes[] = {0xb0, 0x74, 0x53}; - DWORD addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + DWORD addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Nitroplus: pattern not exist"); return false; @@ -6641,7 +6599,7 @@ bool InsertMalieHook1() { const DWORD sig1 = 0x05e3c1; enum { sig1_size = 3 }; - DWORD i = SearchPattern(process_base, process_limit - process_base, &sig1, sig1_size); + DWORD i = SearchPattern(processStartAddress, processStopAddress - processStartAddress, &sig1, sig1_size); if (!i) { ConsoleOutput("vnreng:MalieHook1: pattern i not exist"); return false; @@ -6649,8 +6607,8 @@ bool InsertMalieHook1() const WORD sig2 = 0xc383; enum { sig2_size = 2 }; - DWORD j = i + process_base + sig1_size; - i = SearchPattern(j, process_limit - j, &sig2, sig2_size); + DWORD j = i + processStartAddress + sig1_size; + i = SearchPattern(j, processStopAddress - j, &sig2, sig2_size); //if (!j) if (!i) { // jichi 8/19/2013: Change the condition fro J to I ConsoleOutput("vnreng:MalieHook1: pattern j not exist"); @@ -6692,7 +6650,7 @@ void SpecialHookMalie(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWORD *spl bool InsertMalieHook2() // jichi 8/20/2013: Change return type to boolean { const BYTE bytes[] = {0x66,0x3d,0x1,0x0}; - DWORD start = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + DWORD start = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!start) { ConsoleOutput("vnreng:MalieHook2: pattern not exist"); return false; @@ -6789,8 +6747,8 @@ bool InsertMalie2Hook() 0x33,0xd2, // xor edx,edx 0x89,0x46, 0x04 // mov dword ptr ds:[esi+0x4],eax }; - ULONG range1 = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes1, sizeof(bytes1), process_base, process_base + range1); + ULONG range1 = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes1, sizeof(bytes1), processStartAddress, processStartAddress + range1); //reladdr = 0x1a3df4; if (!addr) { //ITH_MSG(0, "Wrong1", "t", 0); @@ -7034,7 +6992,7 @@ bool InsertMalie3Hook() 0x42 // 5b51f1 inc edx }; enum {addr_offset = 0x5b51ed - 0x5b51e0}; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Malie3: pattern not found"); return false; @@ -7072,7 +7030,7 @@ bool InsertMalie4Hook() 0x83,0xC4,0x10 // 659066 | 83 C4 10 | add esp,10 | }; enum {addr_offset = 0x65905E - 0x65904E}; - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Malie4: pattern not found"); return false; @@ -7149,13 +7107,13 @@ EMEHook hook: (Contributed by Freaka) ********************************************************************************************/ bool InsertEMEHook() { - ULONG addr = MemDbg::findCallAddress((ULONG)::IsDBCSLeadByte, process_base, process_limit); + ULONG addr = MemDbg::findCallAddress((ULONG)::IsDBCSLeadByte, processStartAddress, processStopAddress); // no needed as first call to IsDBCSLeadByte is correct, but sig could be used for further verification //WORD sig = 0x51C3; //while (c && (*(WORD*)(c-2)!=sig)) //{ // //-0x1000 as FindCallOrJmpAbs always uses an offset of 0x1000 - // c = Util::FindCallOrJmpAbs((DWORD)IsDBCSLeadByte,process_limit-c-0x1000+4,c-0x1000+4,false); + // c = Util::FindCallOrJmpAbs((DWORD)IsDBCSLeadByte,processStopAddress-c-0x1000+4,c-0x1000+4,false); //} if (!addr) { ConsoleOutput("vnreng:EME: pattern does not exist"); @@ -7183,7 +7141,7 @@ static void SpecialRunrunEngine(DWORD esp_base, HookParam *, BYTE, DWORD *data, } bool InsertRREHook() { - ULONG addr = MemDbg::findCallAddress((ULONG)::IsDBCSLeadByte, process_base, process_limit); + ULONG addr = MemDbg::findCallAddress((ULONG)::IsDBCSLeadByte, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:RRE: function call does not exist"); return false; @@ -7208,12 +7166,12 @@ bool InsertRREHook() } bool InsertMEDHook() { - for (DWORD i = process_base; i < process_limit - 4; i++) + for (DWORD i = processStartAddress; i < processStopAddress - 4; i++) if (*(DWORD *)i == 0x8175) //cmp *, 8175 for (DWORD j = i, k = i + 0x100; j < k; j++) if (*(BYTE *)j == 0xe8) { DWORD t = j + 5 + *(DWORD *)(j + 1); - if (t > process_base && t < process_limit) { + if (t > processStartAddress && t < processStopAddress) { HookParam hp = {}; hp.address = t; hp.offset = -0x8; @@ -7629,8 +7587,8 @@ bool InsertAbelHook() // 004413DB 894424 58 MOV DWORD PTR SS:[ESP+0x58],EAX const DWORD character[] = {0xc981d48a, 0xffffff00}; - if (DWORD j = SearchPattern(process_base, process_limit - process_base, character, sizeof(character))) { - j += process_base; + if (DWORD j = SearchPattern(processStartAddress, processStopAddress - processStartAddress, character, sizeof(character))) { + j += processStartAddress; for (DWORD i = j - 0x100; j > i; j--) if (*(WORD *)j == 0xff6a) { HookParam hp = {}; @@ -7656,7 +7614,7 @@ bool InsertLiveDynamicHook(LPVOID addr, DWORD frame, DWORD stack) if (*(BYTE *)(k - 5) != 0xe8) k = *(DWORD *)(frame + 4); DWORD j = k + *(DWORD *)(k - 4); - if (j > process_base && j < process_limit) { + if (j > processStartAddress && j < processStopAddress) { HookParam hp = {}; hp.address = j; hp.offset = -0x10; @@ -7679,7 +7637,7 @@ bool InsertLiveDynamicHook(LPVOID addr, DWORD frame, DWORD stack) bool InsertLiveHook() { const BYTE ins[] = {0x64,0x89,0x20,0x8b,0x45,0x0c,0x50}; - ULONG addr = MemDbg::findBytes(ins, sizeof(ins), process_base, process_limit); + ULONG addr = MemDbg::findBytes(ins, sizeof(ins), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Live: pattern not found"); return false; @@ -7729,8 +7687,8 @@ void InsertBrunsHook() WORD *iw; BYTE *ib; }; - DWORD k = process_limit - 4; - for (i = process_base + 0x1000; i < k; i++) { + DWORD k = processStopAddress - 4; + for (i = processStartAddress + 0x1000; i < k; i++) { if (*id != 0xff) //cmp reg,0xff continue; i += 4; @@ -7743,14 +7701,14 @@ void InsertBrunsHook() continue; i++; DWORD t = i + 4 + *id; - if (t > process_base && t processStartAddress && t process_base && t processStartAddress && t k; j--) if (*(DWORD *)j == 0xc0330a8a) { // mov cl,[edx]; xor eax,eax @@ -7917,7 +7875,7 @@ bool InsertCandyHook1() // jichi 8/23/2013: Process name is NOT "SystemC.exe" bool InsertCandyHook2() { - for (DWORD i = process_base + 0x1000; i < process_limit - 4 ;i++) + for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 4 ;i++) if (*(WORD *)i == 0x5b3c || // cmp al,0x5b (*(DWORD *)i & 0xfff8fc) == 0x5bf880) // cmp reg,0x5B for (DWORD j = i, k = i - 0x100; j > k; j--) @@ -7956,16 +7914,16 @@ bool InsertCandyHook2() // 0x75, 0x0e // jnz XXOO ; it must be 0xe, or there will be duplication // }; // enum { addr_offset = 0 }; -// ULONG range = min(process_limit - process_base, MAX_REL_ADDR); -// ULONG reladdr = SearchPattern(process_base, range, ins, sizeof(ins)); +// ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); +// ULONG reladdr = SearchPattern(processStartAddress, range, ins, sizeof(ins)); // reladdr = 0x104a48; -// GROWL_DWORD(process_base); -// //GROWL_DWORD3(reladdr, process_base, range); +// GROWL_DWORD(processStartAddress); +// //GROWL_DWORD3(reladdr, processStartAddress, range); // if (!reladdr) // return false; // // HookParam hp = {}; -// hp.address = process_base + reladdr + addr_offset; +// hp.address = processStartAddress + reladdr + addr_offset; // hp.offset = -8; // hp.type = USING_STRING|NO_CONTEXT; // NewHook(hp, "Candy"); @@ -7977,7 +7935,7 @@ bool InsertCandyHook2() // jichi 10/2/2013: Add new candy hook bool InsertCandyHook() { - //if (0 == _wcsicmp(process_name_, L"systemc.exe")) + //if (0 == _wcsicmp(processName, L"systemc.exe")) if (Util::CheckFile(L"SystemC.exe")) return InsertCandyHook1(); else @@ -8062,7 +8020,7 @@ static void SpecialHookApricoT(DWORD esp_base, HookParam *, BYTE, DWORD *data, D //*split = reg_esp; //*split = regof(esp, esp_base); DWORD arg = argof(16, esp_base); // return address - *split = arg > process_base ? arg - process_base : arg; // use relative split value + *split = arg > processStartAddress ? arg - processStartAddress : arg; // use relative split value //*split = argof(1, esp_base); if (script[0] == L'<') { DWORD *end; @@ -8106,7 +8064,7 @@ static void SpecialHookApricoT(DWORD esp_base, HookParam *, BYTE, DWORD *data, D bool InsertApricoTHook() { - for (DWORD i = process_base + 0x1000; i < process_limit - 4; i++) + for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) if ((*(DWORD *)i & 0xfff8fc) == 0x3cf880) // cmp reg,0x3c for (DWORD j = i + 3, k = i + 0x100; j < k; j++) if ((*(DWORD *)j & 0xffffff) == 0x4c2) { // retn 4 @@ -8115,7 +8073,7 @@ bool InsertApricoTHook() hp.text_fun = SpecialHookApricoT; hp.type = USING_STRING|NO_CONTEXT|USING_UNICODE; ConsoleOutput("vnreng: INSERT ApricoT"); - //GROWL_DWORD3(hp.address, process_base, process_limit); + //GROWL_DWORD3(hp.address, processStartAddress, processStopAddress); NewHook(hp, "ApRicoT"); //RegisterEngineType(ENGINE_APRICOT); // jichi 2/14/2015: disable cached GDI functions @@ -8146,12 +8104,12 @@ void InsertStuffScriptHook() } bool InsertTriangleHook() { - for (DWORD i = process_base; i < process_limit - 4; i++) + for (DWORD i = processStartAddress; i < processStopAddress - 4; i++) if ((*(DWORD *)i & 0xffffff) == 0x75403c) // cmp al,0x40; jne for (DWORD j = i + 4 + *(BYTE*)(i+3), k = j + 0x20; j < k; j++) if (*(BYTE*)j == 0xe8) { DWORD t = j + 5 + *(DWORD *)(j + 1); - if (t > process_base && t < process_limit) { + if (t > processStartAddress && t < processStopAddress) { HookParam hp = {}; hp.address = t; hp.offset = 4; @@ -8168,7 +8126,7 @@ bool InsertTriangleHook() } bool InsertPensilHook() { - for (DWORD i = process_base; i < process_limit - 4; i++) + for (DWORD i = processStartAddress; i < processStopAddress - 4; i++) if (*(DWORD *)i == 0x6381) // cmp *,8163 if (DWORD j = SafeFindEntryAligned(i, 0x100)) { HookParam hp = {}; @@ -8223,14 +8181,14 @@ void SpecialHookDebonosuScenario(DWORD esp_base, HookParam *hp, BYTE, DWORD *dat } bool InsertDebonosuScenarioHook() { - DWORD addr = Util::FindImportEntry(process_base, (DWORD)lstrcatA); + DWORD addr = Util::FindImportEntry(processStartAddress, (DWORD)lstrcatA); if (!addr) { ConsoleOutput("vnreng:Debonosu: lstrcatA is not called"); return false; } DWORD search = 0x15ff | (addr << 16); // jichi 10/20/2014: call dword ptr ds addr >>= 16; - for (DWORD i = process_base; i < process_limit - 4; i++) + for (DWORD i = processStartAddress; i < processStopAddress - 4; i++) if (*(DWORD *)i == search && *(WORD *)(i + 4) == addr && // call dword ptr lstrcatA *(BYTE *)(i - 5) == 0x68) { // push $ @@ -8268,11 +8226,6 @@ void SpecialHookDebonosuName(DWORD esp_base, HookParam *hp, BYTE, DWORD *data, D } bool InsertDebonosuNameHook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:Silkys: failed to get memory range"); - return false; - } const BYTE bytes[] = { // 0032f659 32c0 xor al,al // 0032f65b 5b pop ebx @@ -8291,7 +8244,7 @@ bool InsertDebonosuNameHook() 0x0f,0x45,0xc8, // 0032f675 0f45c8 cmovne ecx,eax 0x57 // 0032f678 57 push edi }; - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:DebonosuName: pattern NOT FOUND"); return false; @@ -8459,7 +8412,7 @@ bool InsertSystemAoiDynamicHook(LPVOID addr, DWORD frame, DWORD stack) return false; DWORD high, low; - Util::GetCodeRange(process_base, &low, &high); + Util::GetCodeRange(processStartAddress, &low, &high); // jichi 2/15/2015: Traverse the stack to dynamically find the ancestor call from the main module const DWORD stop = (stack & 0xffff0000) + 0x10000; // range to traverse the stack @@ -8595,7 +8548,7 @@ bool InsertCaramelBoxHook() { union { DWORD i; BYTE* pb; WORD* pw; DWORD *pd; }; DWORD reg = -1; - for (i = process_base + 0x1000; i < process_limit - 4; i++) { + for (i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) { if (*pd == 0x7ff3d) // cmp eax, 7ff reg = 0; else if ((*pd & 0xfffff8fc) == 0x07fff880) // cmp reg, 7ff @@ -8623,7 +8576,7 @@ bool InsertCaramelBoxHook() hp.address = j & ~0xf; hp.text_fun = SpecialHookCaramelBox; hp.type = USING_STRING; - for (i &= ~0xffff; i < process_limit - 4; i++) + for (i &= ~0xffff; i < processStopAddress - 4; i++) if (pb[0] == 0xe8) { pb++; if (pd[0] + i + 4 == hp.address) { @@ -8703,8 +8656,8 @@ bool InsertOldWolfHook() // Step 2: find where this function is called // Step 3: search "sub esp, XX" after where it is called enum { sub_esp = 0xec81 }; // jichi: caller pattern: sub esp = 0x81,0xec - if (DWORD c1 = Util::FindCallAndEntryAbs((DWORD)GetTextMetricsA, process_limit - process_base, process_base, sub_esp)) - if (DWORD c2 = Util::FindCallOrJmpRel(c1, process_limit - process_base, process_base, 0)) { + if (DWORD c1 = Util::FindCallAndEntryAbs((DWORD)GetTextMetricsA, processStopAddress - processStartAddress, processStartAddress, sub_esp)) + if (DWORD c2 = Util::FindCallOrJmpRel(c1, processStopAddress - processStartAddress, processStartAddress, 0)) { union { DWORD i; WORD *k; @@ -8762,12 +8715,12 @@ void SpecialHookWolf2(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWORD *spl // jichi 6/11/2015: See embed translation source code bool InsertWolf2Hook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress + ULONG processStartAddress, processStopAddress; + if (!FillRange(processName,&startAddress, &stopAddress)) { // need accurate stopAddress ConsoleOutput("vnreng:WolfRPG2: failed to get memory range"); return false; } - ULONG addr = MemDbg::findCallerAddressAfterInt3((ULONG)::CharNextA, startAddress, stopAddress); + ULONG addr = MemDbg::findCallerAddressAfterInt3((ULONG)::CharNextA, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:WolfRPG2: failed to find target function"); return false; @@ -8973,7 +8926,7 @@ bool InsertC4Hook() { const BYTE bytes[] = { 0x8a, 0x10, 0x40, 0x80, 0xfa, 0x5f, 0x88, 0x15 }; //enum { addr_offset = 0 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:C4: pattern not found"); return false; @@ -9103,18 +9056,18 @@ namespace { // unnamed #if 0 static bool InsertWillPlusHook2() // jichi 1/18/2015: Add new hook { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress + ULONG processStartAddress, processStopAddress; + if (!FillRange(processName,&startAddress, &stopAddress)) { // need accurate stopAddress ConsoleOutput("vnreng:WillPlus2: failed to get memory range"); return false; } // The following won't work after inserting WillPlus1, which also produces int3 - //ULONG addr = MemDbg::findCallerAddressAfterInt3((DWORD)::GetGlyphOutlineA, startAddress, stopAddress); + //ULONG addr = MemDbg::findCallerAddressAfterInt3((DWORD)::GetGlyphOutlineA, processStartAddress, processStopAddress); // 00418210 81ec b4000000 sub esp,0xb4 enum { sub_esp = 0xec81 }; // jichi: caller pattern: sub esp = 0x81,0xec - ULONG addr = MemDbg::findCallerAddress((ULONG)::GetGlyphOutlineA, sub_esp, startAddress, stopAddress); + ULONG addr = MemDbg::findCallerAddress((ULONG)::GetGlyphOutlineA, sub_esp, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:WillPlus2: could not find caller of GetGlyphOutlineA"); return false; @@ -9195,7 +9148,7 @@ bool InsertOldWillPlusHook() { //__debugbreak(); enum { sub_esp = 0xec81 }; // jichi: caller pattern: sub esp = 0x81,0xec byte - ULONG addr = MemDbg::findCallerAddress((ULONG)::GetGlyphOutlineA, sub_esp, process_base, process_limit); + ULONG addr = MemDbg::findCallerAddress((ULONG)::GetGlyphOutlineA, sub_esp, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:WillPlus: function call not found"); return false; @@ -9288,7 +9241,7 @@ bool InsertWillPlusAHook() const BYTE bytes[] = { 0x81,0xec, 0x14,0x08,0x00,0x00 // 0042B5E0 81EC 14080000 SUB ESP,0x814 ; jichi: text in eax, name in eax - 1024, able to copy }; - DWORD addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + DWORD addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:WillPlusA: pattern not found"); return false; @@ -9334,7 +9287,7 @@ bool InsertWillPlusWHook() const BYTE *bytes[] = {bytes1, bytes2}; const size_t sizes[] = {sizeof(bytes1), sizeof(bytes2)}; for (int i = 0; i < 2; i++) { - DWORD addr = MemDbg::findBytes(bytes[i], sizes[i], process_base, process_limit); + DWORD addr = MemDbg::findBytes(bytes[i], sizes[i], processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:WillPlusW: pattern not found"); return false; @@ -9381,7 +9334,7 @@ bool InsertWillPlusHook() bool InsertTanukiHook() { ConsoleOutput("vnreng: trying TanukiSoft"); - for (DWORD i = process_base; i < process_limit - 4; i++) + for (DWORD i = processStartAddress; i < processStopAddress - 4; i++) if (*(DWORD *)i == 0x8140) if (DWORD j = SafeFindEntryAligned(i, 0x400)) { // jichi 9/14/2013: might crash the game without admin priv //GROWL_DWORD2(i, j); @@ -9673,7 +9626,7 @@ static bool InsertGXP1Hook() BYTE *ib; }; //__asm int 3 - for (i = process_base + 0x1000; i < process_limit - 4; i++) { + for (i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) { // jichi example: // 00A78144 66:833C70 00 CMP WORD PTR DS:[EAX+ESI*2],0x0 @@ -9685,7 +9638,7 @@ static bool InsertGXP1Hook() continue; i++; DWORD j = i + 0x200; - j = j < (process_limit - 8) ? j : (process_limit - 8); + j = j < (processStopAddress - 8) ? j : (processStopAddress - 8); DWORD flag = false; while (i < j) { @@ -9703,7 +9656,7 @@ static bool InsertGXP1Hook() if (*ib == 0xe8) { // jichi: find first long call after the push operation i++; DWORD addr = *id + i + 4; - if (addr > process_base && addr < process_limit) { + if (addr > processStartAddress && addr < processStopAddress) { HookParam hp = {}; hp.address = addr; //hp.type = USING_UNICODE|DATA_INDIRECT; @@ -9711,12 +9664,12 @@ static bool InsertGXP1Hook() hp.length_offset = 1; hp.offset = 4; - //GROWL_DWORD3(hp.address, process_base, hp.address - process_base); + //GROWL_DWORD3(hp.address, processStartAddress, hp.address - processStartAddress); - //DWORD call = Util::FindCallAndEntryAbs(hp.address, process_limit - process_base, process_base, 0xec81); // zero - //DWORD call = Util::FindCallAndEntryAbs(hp.address, process_limit - process_base, process_base, 0xec83); // zero - //DWORD call = Util::FindCallAndEntryAbs(hp.address, process_limit - process_base, process_base, 0xec8b55); // zero - //GROWL_DWORD3(call, process_base, call - process_base); + //DWORD call = Util::FindCallAndEntryAbs(hp.address, processStopAddress - processStartAddress, processStartAddress, 0xec81); // zero + //DWORD call = Util::FindCallAndEntryAbs(hp.address, processStopAddress - processStartAddress, processStartAddress, 0xec83); // zero + //DWORD call = Util::FindCallAndEntryAbs(hp.address, processStopAddress - processStartAddress, processStartAddress, 0xec8b55); // zero + //GROWL_DWORD3(call, processStartAddress, call - processStartAddress); ConsoleOutput("vnreng: INSERT GXP"); NewHook(hp, "GXP"); @@ -9738,12 +9691,6 @@ static bool InsertGXP1Hook() static bool InsertGXP2Hook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { - ConsoleOutput("vnreng:GXP2: failed to get memory range"); - return false; - } - // pattern = 0x0f5bc9f30f11442444f30f114c2448e8 const BYTE bytes[] = { 0x0f,0x5b, // 00A78845 0F5B ??? ; Unknown command @@ -9753,7 +9700,7 @@ static bool InsertGXP2Hook() 0xe8 //37040000 // 00A78854 E8 37040000 CALL .00A78C90 ; jichi: here's the target function to hook to, text char on the stack[0] }; enum { addr_offset = sizeof(bytes) - 1 }; // 0x00a78854 - 0x00a78845 - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:GXP2: pattern not found"); return false; @@ -9857,7 +9804,7 @@ _fin: bool InsertAnex86Hook() { const DWORD dwords[] = {0x618ac033,0x0d418a0c}; // jichi 12/25/2013: Remove static keyword - for (DWORD i = process_base + 0x1000; i < process_limit - 8; i++) + for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 8; i++) if (*(DWORD *)i == dwords[0]) if (*(DWORD *)(i + 4) == dwords[1]) { HookParam hp = {}; @@ -9913,10 +9860,10 @@ bool InsertNextonHook() 0x0f,0x84 // 00804152 ^0f84 c0feffff je imoutoba.00804018 }; //enum { addr_offset = 0 }; - ULONG addr = process_base; //- sizeof(bytes); + ULONG addr = processStartAddress; //- sizeof(bytes); do { addr += sizeof(bytes); // ++ so that each time return diff address - ULONG range = min(process_limit - addr, MAX_REL_ADDR); + ULONG range = min(processStopAddress - addr, MAX_REL_ADDR); addr = MemDbg::findBytes(bytes, sizeof(bytes), addr, addr + range); if (!addr) { ConsoleOutput("vnreng:NEXTON: pattern not exist"); @@ -9939,12 +9886,7 @@ bool InsertNextonHook() 0x0f,0x84 //c2feffff // 0044d6a4 ^0f84 c2feffff je .0044d56c }; enum { addr_offset = 0x0044d69e - 0x0044d696 }; // = 8 - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { - ConsoleOutput("vnreng:NEXTON: failed to get memory range"); - return false; - } - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:NEXTON: pattern not exist"); return false; @@ -9956,7 +9898,7 @@ bool InsertNextonHook() // return false; //} - //GROWL_DWORD3(process_base, addr, *(DWORD *)(addr-8)); + //GROWL_DWORD3(processStartAddress, addr, *(DWORD *)(addr-8)); //HookParam hp = {}; //hp.address = addr; //hp.offset = 4; // text in arg1 @@ -10199,13 +10141,6 @@ bool InsertNextonHook() */ bool InsertNexton1Hook() { - // Use accurate stopAddress in case of running out of memory - // Since the file pattern for Nexton1 is not accurate. - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { - ConsoleOutput("vnreng:NEXTON1: failed to get memory range"); - return false; - } const BYTE bytes[] = { 0x56, // 00419750 56 push esi ; jichi: hook here, text in arg1 0x8b,0x74,0x24, 0x08, // 00419751 8b7424 08 mov esi,dword ptr ss:[esp+0x8] @@ -10228,7 +10163,7 @@ bool InsertNexton1Hook() //0xc2, 0x04,0x00 // 00419777 c2 0400 retn 0x4 }; enum { addr_offset = 0 }; // distance to the beginning of the function - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL_DWORD(addr); // supposed to be 0x4010e0 if (!addr) { ConsoleOutput("vnreng:NEXTON1: pattern not found"); @@ -10267,8 +10202,8 @@ bool InsertUnicornHook() 0x8b,0xf8 // mov edi,eax }; //enum { addr_offset = 0 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { ConsoleOutput("vnreng:Unicorn: pattern not exist"); return false; @@ -10280,7 +10215,7 @@ bool InsertUnicornHook() hp.offset = -0x24; // jichi: text in edi hp.address = addr; - //index = SearchPattern(process_base, size,ins, sizeof(ins)); + //index = SearchPattern(processStartAddress, size,ins, sizeof(ins)); //GROWL_DWORD2(base, index); ConsoleOutput("vnreng: INSERT Unicorn"); @@ -10353,9 +10288,9 @@ bool InsertArtemis1Hook() 0x75, 0x0e // jnz XXOO ; it must be 0xe, or there will be duplication }; //enum { addr_offset = 0 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); - //GROWL_DWORD3(reladdr, process_base, range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); + //GROWL_DWORD3(reladdr, processStartAddress, range); if (!addr) { ConsoleOutput("vnreng:Artemis1: pattern not exist"); return false; @@ -10405,8 +10340,8 @@ bool InsertArtemis2Hook() 0x8B, 0x4D, 0x0C // 0054465C | 8B 4D 0C | mov ecx,dword ptr ss:[ebp+C] | ecx:DbgUiRemoteBreakin, [ebp+C]:BaseThreadInitThunk }; enum { addr_offset = 0 }; // distance to the beginning of the function, which is 0x55 (push ebp) - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { ConsoleOutput("vnreng:Artemis2: pattern not found"); return false; @@ -10573,9 +10508,9 @@ bool InsertTaskforce2Hook() 0x3b,0xfb // 005948e9 |> 3bfb cmp edi,ebx ; jichi: hook here }; enum { addr_offset = sizeof(bytes) - 2 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); - //GROWL_DWORD3(reladdr, process_base, range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); + //GROWL_DWORD3(reladdr, processStartAddress, range); if (!addr) { ConsoleOutput("vnreng:Taskforce2: pattern not exist"); //return false; @@ -10587,7 +10522,7 @@ bool InsertTaskforce2Hook() hp.type = BIG_ENDIAN|USING_STRING; // 0x41 //GROWL_DWORD(hp.address); - //hp.address = 0x1948e9 + process_base; + //hp.address = 0x1948e9 + processStartAddress; ConsoleOutput("vnreng: INSERT Taskforce2"); NewHook(hp, "Taskforce2"); @@ -10610,8 +10545,8 @@ namespace { // unnamed Rejet * off: 0xfffffff8 (-0x8) * type: 1096 (0x448) * - * process_base = 10e0000 (variant) - * hook_addr = process_base + reladdr = 0xe55332 + * processStartAddress = 10e0000 (variant) + * hook_addr = processStartAddress + reladdr = 0xe55332 * 01185311 . FFF0 PUSH EAX ; beginning of a new function * 01185313 . 0FC111 XADD DWORD PTR DS:[ECX],EDX * 01185316 . 4A DEC EDX @@ -10640,7 +10575,7 @@ namespace { // unnamed Rejet * length_offset: 1 * type: 1096 (0x448) * - * process_base: 0x12b0000 + * processStartAddress: 0x12b0000 * * 01357ad2 . fff0 push eax ; beginning of a new function * 01357ad4 . 0fc111 xadd dword ptr ds:[ecx],edx @@ -10673,7 +10608,7 @@ namespace { // unnamed Rejet * 01357b26 . 68 28a17501 push dotkares.0175a128 ; /arg1 = 0175a128 ascii "
" * * - Type2: Tiny×MACHINEGUN: /HBN-8*0@4CEB8:TinyMachinegun.exe - * process_base: 0x12f0000 + * processStartAddress: 0x12f0000 * There are two possible places to hook * * 0133cea0 . fff0 push eax ; beginning of a new function @@ -10732,11 +10667,11 @@ bool FindRejetHook(LPCVOID pattern, DWORD pattern_size, DWORD hook_off, DWORD ho // 0x85,0xd2, // 01185317 . 85d2 test edx,edx // 0x0f,0x8f // 01185319 . 0f8f 45020000 jg DotKares.01185564 //}; - //GROWL_DWORD(process_base); - ULONG addr = process_base; //- sizeof(pattern); + //GROWL_DWORD(processStartAddress); + ULONG addr = processStartAddress; //- sizeof(pattern); do { //addr += sizeof(pattern); // ++ so that each time return diff address - ULONG range = min(process_limit - addr, MAX_REL_ADDR); + ULONG range = min(processStopAddress - addr, MAX_REL_ADDR); addr = MemDbg::findBytes(pattern, pattern_size, addr, addr + range); if (!addr) { //ITH_MSG(L"failed"); @@ -10818,10 +10753,10 @@ bool InsertRejetHook3() // jichi 12/28/2013: add for 剣が君 // Offset to the function call from the beginning of the function //enum { addr_offset = 0x27 }; // Type2: hex(0x0133CEC7-0x0133CEA0) = hex(0x01357af9-0x1357ad2) enum { hook_offset = -0xc }; // hook parameter - ULONG addr = process_base; //- sizeof(bytes); + ULONG addr = processStartAddress; //- sizeof(bytes); while (true) { //addr += sizeof(bytes); // ++ so that each time return diff address - ULONG range = min(process_limit - addr, MAX_REL_ADDR); + ULONG range = min(processStopAddress - addr, MAX_REL_ADDR); addr = MemDbg::findBytes(bytes, sizeof(bytes), addr, addr + range); if (!addr) { //ITH_MSG(L"failed"); @@ -10845,7 +10780,7 @@ bool InsertRejetHook3() // jichi 12/28/2013: add for 剣が君 } } //while(0xe8202474 != *(DWORD *)(addr - 3)); - //GROWL_DWORD(addr - process_base); // = 0xb3578 for 剣が君 + //GROWL_DWORD(addr - processStartAddress); // = 0xb3578 for 剣が君 ConsoleOutput("vnreng: INSERT Rejet"); // The same as type2 @@ -10941,8 +10876,8 @@ bool InsertTencoHook() 0xe8 //740cf6ff // 004ad807 |. e8 740cf6ff |call 英雼�戦.0040e480 ; jichi: hook here }; enum { addr_offset = sizeof(bytes) - 1 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //reladdr = 0x4ad807; if (!addr) { ConsoleOutput("vnreng:Tenco: pattern not found"); @@ -11053,8 +10988,8 @@ bool InsertAOS1Hook() 0x85,0xc9 // 00e3c354 |. 85c9 test ecx,ecx }; enum { addr_offset = 0x00e3c2f0 - 0x00e3c33c }; // distance to the beginning of the function, which is 0x51 (push ecx) - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL(reladdr); if (!addr) { ConsoleOutput("vnreng:AOS1: pattern not found"); @@ -11094,8 +11029,8 @@ bool InsertAOS2Hook() }; enum { addr_offset = 0 }; // distance to the beginning of the function, which is 0x51 (push ecx) - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL(reladdr); if (!addr) { ConsoleOutput("vnreng:AOS2: pattern not found"); @@ -11303,8 +11238,8 @@ bool InsertScenarioPlayerHook() addr_offset_A = 0x00609bf0 - 0x00609c25 // -53 , addr_offset_W = 0x00406540 - 0x00406572 // -50 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG start = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG start = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!start) { ConsoleOutput("vnreng:ScenarioPlayer: pattern not found"); return false; @@ -11406,7 +11341,7 @@ bool InsertMarineHeartHook() // jichi 6/3/2014: CreateFontA is only called once in this function // 0040d160 /$ 55 push ebp ; jichi: hook here // 0040d161 |. 8bec mov ebp,esp - //ULONG addr = Util::FindCallAndEntryAbs((DWORD)CreateFontA, process_limit - process_base, process_base, 0xec8b); + //ULONG addr = Util::FindCallAndEntryAbs((DWORD)CreateFontA, processStopAddress - processStartAddress, processStartAddress, 0xec8b); const BYTE bytes[] = { 0x51, // 0040d1c6 |> 51 push ecx ; /facename @@ -11427,8 +11362,8 @@ bool InsertMarineHeartHook() 0xe8, 0x00,0xfa,0x06,0x00 // 0040d1e9 |. e8 00fa0600 call ; \createfonta }; enum { addr_offset = 0x0040d160 - 0x0040d1c6 }; // distance to the beginning of the function - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(reladdr); if (!addr) { ConsoleOutput("vnreng:MarineHeart: pattern not found"); @@ -11572,8 +11507,8 @@ bool InsertElfHook() 0x8b,0x91, 0x90,0x00,0x00,0x00 // 0093f9c8 |. 8b91 90000000 mov edx,dword ptr ds:[ecx+0x90] }; //enum { addr_offset = 0xc }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(addr); //addr = 0x42f170; // 愛姉妹4 Trial //reladdr = 0x2f9b0; // 愛姉妹4 @@ -11841,17 +11776,11 @@ static void SpecialHookSilkys(DWORD esp_base, HookParam *, BYTE, DWORD *data, DW } bool InsertSilkysHook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:Silkys: failed to get memory range"); - return false; - } - const BYTE bytes[] = { 0x66,0x89,0x45, 0xf9, // 00a1a062 66:8945 f9 mov word ptr ss:[ebp-0x7],ax 0x39,0x47, 0x14 // 00a1a066 3947 14 cmp dword ptr ds:[edi+0x14],eax }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:Silkys: pattern not found"); return false; @@ -12319,12 +12248,7 @@ bool InsertSilkysHook() */ bool InsertEushullyHook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:Eushully: failed to get memory range"); - return false; - } - ULONG addr = MemDbg::findLastCallerAddressAfterInt3((DWORD)::GetTextExtentPoint32A, startAddress, stopAddress); + ULONG addr = MemDbg::findLastCallerAddressAfterInt3((DWORD)::GetTextExtentPoint32A, processStartAddress, processStopAddress); //GROWL_DWORD(addr); if (!addr) { ConsoleOutput("vnreng:Eushully: failed"); @@ -12422,8 +12346,8 @@ static bool InsertOldPalHook() // this is used in case the new pattern does not 0x81,0xf9 //81000000 // 013c6159 |. 81f9 81000000 cmp ecx,0x81 ; jichi: hook here }; enum { addr_offset = sizeof(bytes) - 2 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(reladdr); // supposed to be 0x21650 //GROWL_DWORD(reladdr + addr_offset); //reladdr = 0x26159; // 魔女こいにっ�trial @@ -12456,8 +12380,8 @@ static bool InsertNewPal1Hook() 0x33,0xc5, // 002c6abb 33c5 xor eax,ebp 0x89,0x45, 0xf8 // 002c6abd 8945 f8 mov dword ptr ss:[ebp-0x8],eax ; mireado : small update }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { ConsoleOutput("vnreng:Pal1: pattern not found"); return false; @@ -12485,8 +12409,8 @@ static bool InsertNewPal2Hook() 0x89,0x45, 0xfc, // 0124E22D 8945 FC mov dword ptr ss:[ebp-0x8],eax ; mireado : small update 0xe8 // 0136e230 e8 call 01377800 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); if (!addr) { ConsoleOutput("vnreng:Pal2: pattern not found"); return false; @@ -12741,7 +12665,7 @@ bool InsertPalHook() // use Old Pal first, which does not have ruby bool InsertNeXASHook() { // There are two GetGlyphOutlineA, both of which seem to have the same texts - ULONG addr = MemDbg::findCallAddress((ULONG)::GetGlyphOutlineA, process_base, process_limit); + ULONG addr = MemDbg::findCallAddress((ULONG)::GetGlyphOutlineA, processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:NexAS: failed"); return false; @@ -12891,8 +12815,8 @@ bool InsertYukaSystem2Hook() 0xc3 // 004010ee \. c3 retn }; //enum { addr_offset = 0 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(addr); // supposed to be 0x4010e0 if (!addr) { ConsoleOutput("vnreng:YukaSystem2: pattern not found"); @@ -13056,8 +12980,8 @@ bool Insert2RMHook() 0xe8 //, 498a0100 // 004542a2 e8 498a0100 call .0046ccf0 }; enum { addr_offset = 0x00454296 - 0x0045428d }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(addr); // supposed to be 0x4010e0 if (!addr) { ConsoleOutput("vnreng:2RM: pattern not found"); @@ -13188,8 +13112,8 @@ bool InsertSideBHook() 0x88,0x5d, 0xd4 // 00f64452 885d d4 mov byte ptr ss:[ebp-0x2c],bl }; enum { addr_offset = 0x00f64410 - 0x00f64435 }; // distance to the beginning of the function - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(addr); // supposed to be 0x4010e0 if (!addr) { ConsoleOutput("vnreng:SideB: pattern not found"); @@ -13416,8 +13340,8 @@ bool InsertExpHook() 0x8a,0x0a // 00258050 8a0a mov cl,byte ptr ds:[edx] ; jichi: text accessed in edx }; enum { addr_offset = 0 }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); //GROWL_DWORD(addr); if (!addr) { ConsoleOutput("vnreng:EXP: pattern not found"); @@ -13556,7 +13480,7 @@ bool InsertHorkEyeHook() 0x8a,0x0c,0x1a // 013cdb0d 8a0c1a mov cl,byte ptr ds:[edx+ebx] jichi: here }; enum { addr_offset = sizeof(bytes) - 3 }; // 8a0c1a - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:HorkEye: pattern not found"); return false; @@ -13710,8 +13634,8 @@ bool Insert5pbHook1() }; enum { addr_offset = 0x0016d916 - 0x0016d90e }; - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_limit); - //GROWL_DWORD3(addr+addr_offset, process_base,process_limit); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); + //GROWL_DWORD3(addr+addr_offset, processStartAddress,processStopAddress); if (!addr) { ConsoleOutput("vnreng:5pb1: pattern not found"); return false; @@ -13759,8 +13683,8 @@ bool Insert5pbHook2() 0x84,0xd2, // 001e9b17 84d2 test dl,dl 0x74,0x11 // 001e9b19 74 11 je short .001e9b2c }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); - //GROWL_DWORD3(addr, process_base,process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); + //GROWL_DWORD3(addr, processStartAddress,processStopAddress); if (!addr) { ConsoleOutput("vnreng:5pb2: pattern not found"); return false; @@ -13915,8 +13839,8 @@ bool Insert5pbHook3() 0x50, // 0025A13F 50 PUSH EAX 0xe8 // 0025A140 E8 DB100100 CALL .0026B220 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); - //GROWL_DWORD3(addr, process_base,process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); + //GROWL_DWORD3(addr, processStartAddress,processStopAddress); if (!addr) { ConsoleOutput("vnreng:5pb2: pattern not found"); return false; @@ -14116,7 +14040,7 @@ bool InsertMinkHook() 0x8b,0x45, 0x08 // 00451658 8b45 08 mov eax,dword ptr ss:[ebp+0x8] }; enum { addr_offset = 2 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //ULONG addr = 0x45164a; //ULONG addr = 0x451648; //ULONG addr = 0x4521a8; @@ -14543,7 +14467,7 @@ bool InsertLeafHook() //0x6a, 0x00, // 00451678 6a 00 push 0x0 //0xff,0x15 // 0045167a ff15 74104a00 call dword ptr ds:[0x4a1074] ; kernel32.getprocessheap }; - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); enum { addr_offset = 0x0045166f - 0x00451658 }; //GROWL_DWORD(addr); if (!addr) { @@ -14590,8 +14514,8 @@ bool InsertNekopackHook() 0x57, // 0069638C |. 57 PUSH EDI 0x8b,0x5d, 0x08 // 0069638D |. 8B5D 08 MOV EBX,DWORD PTR SS:[ARG.1] }; - ULONG range = min(process_limit - process_base, MAX_REL_ADDR); - ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), process_base, process_base + range); + ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); + ULONG addr = MemDbg::matchBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); enum { addr_offset = 0 }; // distance to the beginning of the function, which is 0x55 (push ebp) //GROWL(reladdr); if (!addr) { @@ -14712,7 +14636,7 @@ bool InsertLunaSoftHook() 0xe8 // 0046c58f e8 2cebf9ff call .0040b0c0 }; enum { addr_offset = 2 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL(addr); if (!addr) { ConsoleOutput("vnreng:LunaSoft: pattern not found"); @@ -14854,7 +14778,7 @@ bool InsertFocasLensHook() 0x3b,0xc3 // 001fabc0 3bc3 cmp eax,ebx }; enum { addr_offset = 0x001fabbc - 0x001fabb9 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL(addr); if (!addr) { ConsoleOutput("vnreng:FocasLens: pattern not found"); @@ -15028,7 +14952,7 @@ bool InsertSyuntadaHook() 0x74, 0x3a // 0046944e 74 3a je short .0046948a }; enum { addr_offset = 0x0046944c - 0x0046943d }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL(addr); if (!addr) { ConsoleOutput("vnreng:Syuntada: pattern not found"); @@ -15230,9 +15154,9 @@ bool BootupGDIHook(DWORD esp_base, HookParam *hp) bool InsertBootupGDIHook() { bool widechar = true; - ULONG addr = MemDbg::findCallerAddressAfterInt3((ULONG)TextOutW, process_base, process_limit); + ULONG addr = MemDbg::findCallerAddressAfterInt3((ULONG)TextOutW, processStartAddress, processStopAddress); if (!addr) { - addr = MemDbg::findCallerAddressAfterInt3((ULONG)TextOutA, process_base, process_limit); + addr = MemDbg::findCallerAddressAfterInt3((ULONG)TextOutA, processStartAddress, processStopAddress); widechar = false; } if (!addr) { @@ -15263,21 +15187,21 @@ bool InsertBootupGDIHook() bool InsertBootupLstrHook() // for character name { bool widechar = true; - ULONG addr = MemDbg::findLastCallerAddressAfterInt3((ULONG)GetCharABCWidthsW, process_base, process_limit); + ULONG addr = MemDbg::findLastCallerAddressAfterInt3((ULONG)GetCharABCWidthsW, processStartAddress, processStopAddress); if (!addr) { // Do not hook to lstrlenA, which causes text extraction to stop - //addr = MemDbg::findLastCallerAddressAfterInt3((ULONG)GetCharABCWidthsA, process_base, process_limit); + //addr = MemDbg::findLastCallerAddressAfterInt3((ULONG)GetCharABCWidthsA, processStartAddress, processStopAddress); //widechar = false; } if (!addr) { ConsoleOutput("vnreng:BootupLstr: failed to find GetCharABCWidths"); return false; } - //GROWL_DWORD2(addr, process_base); + //GROWL_DWORD2(addr, processStartAddress); //enum { range = 0x200 }; // 0x012A2CCB - 0x12A2CB0 = 0x1b addr = MemDbg::findCallAddress(widechar ? (ULONG)::lstrlenW : (ULONG)::lstrlenA, - process_base, process_limit, - addr - process_base); //, range); // no range + processStartAddress, processStopAddress, + addr - processStartAddress); //, range); // no range if (!addr) { ConsoleOutput("vnreng:BootupLstr: failed to find lstrlen"); return false; @@ -15494,7 +15418,7 @@ bool InsertEscudeHook() 0x49, // 0042cb9e 49 dec ecx 0x0f,0xaf,0x48, 0x0c // 0042cb9f 0faf48 0c imul ecx,dword ptr ds:[eax+0xc] }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL(addr); if (!addr) { ConsoleOutput("vnreng:Escude: pattern not found"); @@ -15775,7 +15699,7 @@ bool InsertTamamoHook() 0xe8 //f8440f00 // 0051c293 e8 f8440f00 call .00610790 ; jichi: copy invoked here }; enum { addr_offset = sizeof(bytes) - 1 }; - addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (addr) { addr += addr_offset; ConsoleOutput("vnreng:Tamamo: pattern for new version found"); @@ -15790,7 +15714,7 @@ bool InsertTamamoHook() 0xe8 // 27080000 // 0067fa64 e8 27080000 call .00680290 ; jichi: copy invoked here }; enum { addr_offset = sizeof(bytes) - 1 }; - addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (addr) { addr += addr_offset; ConsoleOutput("vnreng:Tamamo: pattern for old version found"); @@ -15903,8 +15827,8 @@ bool InsertShinyDaysGameHook() */ bool InsertLovaGameHook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress + ULONG processStartAddress, processStopAddress; + if (!FillRange(processName,&startAddress, &stopAddress)) { // need accurate stopAddress ConsoleOutput("vnreng:LOVA: failed to get memory range"); return false; } @@ -15922,7 +15846,7 @@ bool InsertLovaGameHook() 0xE8 //CEAE2A00 // 012FF25F E8 CEAE2A00 CALL .015AA132 ; JMP to msvcr100.memcpy, copied here }; enum { addr_offset = sizeof(bytes) - 1 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) { ConsoleOutput("vnreng:LOVA: could not find instruction pattern"); return false; @@ -16011,7 +15935,7 @@ bool InsertAdobeAirHook() return false; } - //ULONG startAddress, stopAddress; + //ULONG processStartAddress, processStopAddress; //if (!NtInspect::getModuleMemoryRange(L"Adobe AIR.dll", &startAddress, &stopAddress)) { // ConsoleOutput("vnreng:Adobe AIR: module not found"); // return false; @@ -16286,7 +16210,7 @@ bool InsertAdobeFlash10Hook() 0x85,0xc9, // 0161294a 85c9 test ecx,ecx 0x0f,0x84 //, 5f010000 // 0161294c 0f84 5f010000 je ron2.01612ab1 }; - ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit); + ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //addr = 0x01612940; //addr = 0x01612AC0; if (!addr) { @@ -16582,14 +16506,9 @@ void SpecialPSPHook(DWORD esp_base, HookParam *hp, BYTE, DWORD *data, DWORD *spl bool InsertPPSSPPHLEHooks() { ConsoleOutput("vnreng: PPSSPP HLE: enter"); - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng:PPSSPP HLE: failed to get memory range"); - return false; - } // 0x400000 - 0x139f000 - //GROWL_DWORD2(startAddress, stopAddress); + //GROWL_DWORD2(processStartAddress, processStopAddress); HookParam hp = {}; hp.length_offset = 1; // determine string length at runtime @@ -16598,9 +16517,9 @@ bool InsertPPSSPPHLEHooks() enum { FunctionCount = sizeof(funcs) / sizeof(*funcs) }; for (size_t i = 0; i < FunctionCount; i++) { const auto &it = funcs[i]; - ULONG addr = MemDbg::findBytes(it.pattern, ::strlen(it.pattern), startAddress, stopAddress); + ULONG addr = MemDbg::findBytes(it.pattern, ::strlen(it.pattern), processStartAddress, processStopAddress); if (addr - && (addr = MemDbg::findPushAddress(addr, startAddress, stopAddress)) + && (addr = MemDbg::findPushAddress(addr, processStartAddress, processStopAddress)) && (addr = SafeFindEnclosingAlignedFunction(addr, 0x200)) // range = 0x200, use the safe version or it might raise ) { hp.address = addr; @@ -16630,11 +16549,11 @@ bool InsertPPSSPPHooks() // http://stackoverflow.com/questions/940707/how-do-i-programatically-get-the-version-of-a-dll-or-exe-file // get the version info for the file requested - if (DWORD dwSize = ::GetFileVersionInfoSizeW(process_path_, nullptr)) { + if (DWORD dwSize = ::GetFileVersionInfoSizeW(processPath, nullptr)) { UINT len = 0; BYTE * buf = new BYTE[dwSize]; VS_FIXEDFILEINFO * info = nullptr; - if (::GetFileVersionInfoW(process_path_, 0, dwSize, buf) + if (::GetFileVersionInfoW(processPath, 0, dwSize, buf) && ::VerQueryValueW(buf, L"\\", (LPVOID*)&info, &len) && info) { @@ -19216,11 +19135,6 @@ static void SpecialPPSSPPHookOtomate(DWORD esp_base, HookParam *hp, BYTE, DWORD } bool InsertOtomatePPSSPPHook() { - ULONG startAddress, stopAddress; - if (!FillRange(process_name_,&startAddress, &stopAddress)) { // need accurate stopAddress - ConsoleOutput("vnreng: Otomate PPSSPP: failed to get memory range"); - return false; - } ConsoleOutput("vnreng: Otomate PPSSPP: enter"); const BYTE bytes[] = { 0x8b,0x15, XX4, // 006db4b0 8b15 b8ebaf00 mov edx,dword ptr ds:[0xafebb8] ; ppssppwi.01134988 @@ -19242,7 +19156,7 @@ bool InsertOtomatePPSSPPHook() enum { addr_offset = 0x006db4b7 - 0x006db4b0 }; enum { ds_offset = 0x006db4bf - 0x006db4b0 + 2 }; - DWORD addr = SafeMatchBytes(bytes, sizeof(bytes), startAddress, stopAddress); + DWORD addr = SafeMatchBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); //GROWL_DWORD(addr); if (!addr) ConsoleOutput("vnreng: Otomate PPSSPP: pattern not found"); diff --git a/vnr/vnrhook/src/engine/engine.h b/vnr/vnrhook/src/engine/engine.h index 5a3236c..d470c31 100644 --- a/vnr/vnrhook/src/engine/engine.h +++ b/vnr/vnrhook/src/engine/engine.h @@ -8,13 +8,13 @@ struct HookParam; // defined in ith types.h +extern DWORD processStartAddress, processStopAddress; + namespace Engine { // Global variables -extern wchar_t *process_name_, // cached - process_path_[MAX_PATH]; // cached -extern DWORD process_base, - process_limit; +extern wchar_t *processName, // cached + processPath[MAX_PATH]; // cached //extern LPVOID trigger_addr; typedef bool (* trigger_fun_t)(LPVOID addr, DWORD frame, DWORD stack); diff --git a/vnr/vnrhook/src/engine/match.cc b/vnr/vnrhook/src/engine/match.cc index a9efabb..769018f 100644 --- a/vnr/vnrhook/src/engine/match.cc +++ b/vnr/vnrhook/src/engine/match.cc @@ -24,8 +24,8 @@ enum { MAX_REL_ADDR = 0x200000 }; // jichi 8/18/2013: maximum relative address namespace Engine { -WCHAR *process_name_, // cached - process_path_[MAX_PATH]; // cached +WCHAR *processName, // cached + processPath[MAX_PATH]; // cached DWORD process_base, process_limit; @@ -419,7 +419,7 @@ bool DetermineEngineByFile4() bool DetermineEngineByProcessName() { WCHAR str[MAX_PATH]; - wcscpy(str, process_name_); + wcscpy(str, processName); _wcslwr(str); // lower case if (wcsstr(str,L"reallive") || Util::CheckFile(L"Reallive.exe") || Util::CheckFile(L"REALLIVEDATA\\Start.ini")) { @@ -478,7 +478,7 @@ bool DetermineEngineByProcessName() // return true; //} - if (wcsstr(process_name_, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart + if (wcsstr(processName, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart InsertMarineHeartHook(); return true; } @@ -766,16 +766,16 @@ bool DetermineNoEngine() return true; } - if (wcsstr(process_name_, L"lcsebody") || !wcsncmp(process_name_, L"lcsebo~", 7) || Util::CheckFile(L"lcsebody*")) { // jichi 3/19/2014: LC-ScriptEngine, GetGlyphOutlineA + if (wcsstr(processName, L"lcsebody") || !wcsncmp(processName, L"lcsebo~", 7) || Util::CheckFile(L"lcsebody*")) { // jichi 3/19/2014: LC-ScriptEngine, GetGlyphOutlineA ConsoleOutput("vnreng: IGNORE lcsebody"); return true; } wchar_t str[MAX_PATH]; DWORD i; - for (i = 0; process_name_[i]; i++) { - str[i] = process_name_[i]; - if (process_name_[i] == L'.') + for (i = 0; processName[i]; i++) { + str[i] = processName[i]; + if (processName[i] == L'.') break; } *(DWORD *)(str + i + 1) = 0x630068; //.hcb @@ -791,15 +791,15 @@ bool DetermineNoEngine() EXCEPTION_DISPOSITION ExceptHandler(PEXCEPTION_RECORD ExceptionRecord, LPVOID, PCONTEXT, LPVOID) { if (ExceptionRecord->ExceptionCode == STATUS_ACCESS_VIOLATION) { - process_limit = ExceptionRecord->ExceptionInformation[1]; + processStopAddress = ExceptionRecord->ExceptionInformation[1]; //OutputDWORD(process_limit); __asm { mov eax,fs:[0x30] // jichi 12/13/2013: get PEB mov eax,[eax+0xc] mov eax,[eax+0xc] - mov ecx,process_limit - sub ecx,process_base + mov ecx,processStopAddress + sub ecx,processStartAddress mov [eax+0x20],ecx } } @@ -884,22 +884,10 @@ bool DetermineEngineType() HANDLE hijackThread; DWORD WINAPI hijackThreadProc(LPVOID unused) { - //CC_UNUSED(lpThreadParameter); - - //static bool done = false; - //if (done) - // return; - //done = true; - - // jichi 12/18/2013: Though FillRange could raise, it should never raise for he current process - // So, SEH is not used here. - // Initialize shared process name and path - wchar_t* p = GetModuleFileNameW(nullptr, process_path_, MAX_PATH) + process_path_; - while (*(--p) != L'\\'); - process_name_ = p + 1; + GetModuleFileNameW(nullptr, processPath, MAX_PATH); + processName = wcsrchr(processPath, L'\\') + 1; - FillRange(process_name_, &process_base, &process_limit); DetermineEngineType(); return 0; } @@ -929,22 +917,3 @@ void Engine::terminate() } // EOF - -/* -extern "C" { - // http://gmogre3d.googlecode.com/svn-history/r815/trunk/OgreMain/src/WIN32/OgreMinGWSupport.cpp - // http://forum.osdev.org/viewtopic.php?f=8&t=22352 - //#pragma data_seg() - //#pragma comment(linker, "/merge:.CRT=.data") // works fine in visual c++ 6 - //#pragma data_seg() - //#pragma comment(linker, "/merge:.CRT=.rdata") - // MSVC libs use _chkstk for stack-probing. MinGW equivalent is _alloca. - //void _alloca(); - //void _chkstk() { _alloca(); } - - // MSVC uses security cookies to prevent some buffer overflow attacks. - // provide dummy implementations. - //void _fastcall __security_check_cookie(intptr_t i) {} - void __declspec(naked) __fastcall __security_check_cookie(UINT_PTR cookie) {} -} -*/ diff --git a/vnr/vnrhook/src/hijack/texthook.h b/vnr/vnrhook/src/hijack/texthook.h index 741cca9..bcacf09 100644 --- a/vnr/vnrhook/src/hijack/texthook.h +++ b/vnr/vnrhook/src/hijack/texthook.h @@ -29,14 +29,6 @@ extern DWORD trigger; extern DWORD processStartAddress, processStopAddress; -struct FunctionInfo { - DWORD addr; - DWORD module; - DWORD size; - LPWSTR name; -}; -extern std::unordered_map functionInfoByName; - void InitFilterTable(); // jichi 9/25/2013: This class will be used by NtMapViewOfSectionfor diff --git a/vnr/vnrhook/src/main.cc b/vnr/vnrhook/src/main.cc index 9d7a118..b1f5f72 100644 --- a/vnr/vnrhook/src/main.cc +++ b/vnr/vnrhook/src/main.cc @@ -9,6 +9,7 @@ #endif // _MSC_VER #include "src/main.h" +#include "src/engine/engine.h" #include "src/engine/match.h" #include "src/hijack/texthook.h" #include "src/util/growl.h" @@ -85,6 +86,11 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused) ::processStartAddress = (DWORD)GetModuleHandleW(nullptr); + // Artikash 7/1/2018: No idea how the everliving fuck this works, but it finds the process stop address. + PROCESS_BASIC_INFORMATION info; + NtQueryInformationProcess(GetCurrentProcess(), ProcessBasicInformation, &info, sizeof(PROCESS_BASIC_INFORMATION), 0); + ::processStopAddress = ::processStartAddress + ((LDR_DATA_TABLE_ENTRY*)&info.PebBaseAddress->Ldr->InLoadOrderModuleList.Flink->Flink)->SizeOfImage; + { wchar_t hm_mutex[0x100]; swprintf(hm_mutex, ITH_HOOKMAN_MUTEX_ L"%d", GetCurrentProcessId());