searchmemory returns all matches now

2024-12-24 01:14:12 +08:00 · 2018-10-14 10:29:23 -04:00 · 2018-10-14 10:29:23 -04:00 · d307b7af2e
commit d307b7af2e
parent 273411d22e
3 changed files with 35 additions and 31 deletions
--- a/vnrhook/engine/engine.cc
+++ b/vnrhook/engine/engine.cc
@ -2123,12 +2123,8 @@ bool InsertBGIHook()
 bool InsertBaldrHook()
 {
 	const BYTE ins[] = { 0x90,0xff,0x50,0x3c,0x83,0xc4,0x20,0x8b,0x45,0xec };
-	DWORD addr = Util::SearchMemory(ins, sizeof(ins));
-	if (!addr) {
-		ConsoleOutput("Textractor: BALDR failed: could not find instructions");
-		return false;
-	}
-
+	for (auto addr : Util::SearchMemory(ins, sizeof(ins)))
+	{
 		HookParam hp = {};
 		hp.address = addr;
 		hp.offset = 4;
@ -2139,6 +2135,10 @@ bool InsertBaldrHook()
 		return true;
 	}

+	ConsoleOutput("Textractor: BALDR failed: could not find instructions");
+	return false;
+}
+
 /********************************************************************************************
 Reallive hook:
  Process name is reallive.exe or reallive*.exe.
@ -8871,7 +8871,7 @@ void SpecialHookAB2Try(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWORD *sp
 BOOL FindCharacteristInstruction()
 {
 	const BYTE bytes[] = { 0x0F, 0xB7, 0x44, 0x50, 0x0C, 0x89 };
-	if (DWORD addr = Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE))
+	for (auto addr : Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE))
 	{
 		//GROWL_DWORD(addr);
 		HookParam hp = {};
@ -9321,6 +9321,7 @@ bool InsertWillPlusWHook()
 */
 static bool InsertNewWillPlusHook()
 {
+	bool found = false;
 	const BYTE characteristicInstructions[] = 
 	{ 
 		0xc2, 0x08, 0, // ret 0008; Seems to always be ret 8 before the hookable function. not sure why, not sure if stable.
@ -9333,10 +9334,11 @@ static bool InsertNewWillPlusHook()
 		0x81, 0xec, XX4, // sub esp,?
 		0xa1, XX4, // mov eax,[?]
 		0x33, 0xc5, // xor eax,ebp
-		0x89, 0x45, 0xec // mov [ebp-14],eax; not sure if 0x14 is stable
+		//0x89, 0x45, 0xec // mov [ebp-14],eax; not sure if 0x14 is stable
 	};
-	if (DWORD addr = Util::SearchMemory(characteristicInstructions, sizeof(characteristicInstructions)))
+	for (auto addr : Util::SearchMemory(characteristicInstructions, sizeof(characteristicInstructions)))
 	{
+		//GROWL_DWORD(addr);
 		HookParam hp = {};
 		hp.address = addr + 3;
 		hp.type = USING_STRING | USING_UNICODE | DATA_INDIRECT;
@ -9344,10 +9346,10 @@ static bool InsertNewWillPlusHook()
 		hp.index = 0;
 		ConsoleOutput("Textractor: INSERT New WillPlus (ADVHD) hook");
 		NewHook(hp, "WillPlus2");
-		return true;
+		found = true;
 	}
-	ConsoleOutput("New WillPlus: failed to find instructions");
-	return false;
+	if (!found) ConsoleOutput("New WillPlus: failed to find instructions");
+	return found;
 }

 } // unnamed namespace
--- a/vnrhook/util/util.cc
+++ b/vnrhook/util/util.cc
@ -3,7 +3,6 @@
 // Branch: ITH_Engine/engine.cpp, revision 133
 // See: http://ja.wikipedia.org/wiki/プロジェクト:美少女ゲーム系/ゲームエンジン

-#include "common.h"
 #include "util/util.h"
 #include "ithsys/ithsys.h"
 #include "main.h"
@ -286,7 +285,7 @@ bool Util::SearchResourceString(LPCWSTR str)

 namespace
 {
-	DWORD SafeSearchMemory(DWORD startAddr, DWORD endAddr, const BYTE* bytes, unsigned short length)
+	uint64_t SafeSearchMemory(uint64_t startAddr, uint64_t endAddr, const BYTE* bytes, short length)
 	{
 		__try
 		{
@ -295,7 +294,7 @@ namespace
 					if (j == length) return startAddr + i; // not sure about this algorithm...
 					else if (*((BYTE*)startAddr + i + j) != *(bytes + j) && *(bytes + j) != 0x11) break; // 0x11 = wildcard
 		} 
-		__except (1)
+		__except (EXCEPTION_EXECUTE_HANDLER)
 		{
 			ConsoleOutput("Textractor: SearchMemory ERROR (Textractor will likely still work fine, but please let Artikash know if this happens a lot!)");
 			return 0;
@ -304,29 +303,32 @@ namespace
 	}
 }

-DWORD Util::SearchMemory(const BYTE* bytes, unsigned short length, DWORD protect)
+std::vector<uint64_t> Util::SearchMemory(const BYTE* bytes, short length, DWORD protect)
 {
-	std::vector<std::pair<DWORD, DWORD>> validMemory;
-	for (BYTE* probe = NULL; (DWORD)probe < 0x80000000;) // end of user memory space
+	std::vector<std::pair<uint64_t, uint64_t>> validMemory;
+	for (BYTE* probe = NULL; (uint64_t)probe < 0x80000000;) // end of user memory space
 	{
 		MEMORY_BASIC_INFORMATION info = {};
 		if (!VirtualQuery(probe, &info, sizeof(info)))
 		{
-			probe += 0x1000;
+			probe += 0x1000; // page size
 			continue;
 		}
 		else
 		{
-			if (info.Protect >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize });
+			if (info.Protect >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (uint64_t)info.BaseAddress, info.RegionSize });
 			probe += info.RegionSize;
 		}
 	}

+	std::vector<uint64_t> ret;
 	for (auto memory : validMemory)
-		if (DWORD ret = SafeSearchMemory(memory.first, memory.first + memory.second, bytes, length))
-			return ret;
+		for (uint64_t addr = memory.first; true;)
+			if (addr = SafeSearchMemory(addr, memory.first + memory.second, bytes, length))
+				ret.push_back(addr++);
+			else break;

-	return 0;
+	return ret;
 }

 // EOF
--- a/vnrhook/util/util.h
+++ b/vnrhook/util/util.h
@ -3,7 +3,7 @@
 // util.h
 // 8/23/2013 jichi

-#include <Windows.h>
+#include "common.h"

 namespace Util {

@ -22,7 +22,7 @@ bool CheckFile(LPCWSTR name);

 bool SearchResourceString(LPCWSTR str);

-DWORD SearchMemory(const BYTE* bytes, unsigned short length, DWORD protect = PAGE_EXECUTE);
+std::vector<uint64_t> SearchMemory(const BYTE* bytes, short length, DWORD protect = PAGE_EXECUTE);

 } // namespace Util