remove fillRange
This commit is contained in:
parent
9bc95191ff
commit
1a2672604a
@ -34,43 +34,6 @@ BYTE LeadByteTable[0x100] = {
|
||||
// - API functions -
|
||||
|
||||
extern "C" {
|
||||
int FillRange(LPCWSTR name, DWORD *lower, DWORD *upper)
|
||||
{
|
||||
PLDR_DATA_TABLE_ENTRY it;
|
||||
LIST_ENTRY *begin;
|
||||
__asm
|
||||
{
|
||||
mov eax,fs:[0x30]
|
||||
mov eax,[eax+0xc]
|
||||
mov eax,[eax+0xc]
|
||||
mov it,eax
|
||||
mov begin,eax
|
||||
}
|
||||
|
||||
while (it->SizeOfImage) {
|
||||
if (::_wcsicmp(it->BaseDllName.Buffer, name) == 0) {
|
||||
*lower = *upper = (DWORD)it->DllBase;
|
||||
MEMORY_BASIC_INFORMATION info = {};
|
||||
DWORD l,size;
|
||||
size = 0;
|
||||
do {
|
||||
NtQueryVirtualMemory(NtCurrentProcess(), (LPVOID)(*upper), MemoryBasicInformation, &info, sizeof(info), &l);
|
||||
if (info.Protect&PAGE_NOACCESS) {
|
||||
it->SizeOfImage=size;
|
||||
break;
|
||||
}
|
||||
size += info.RegionSize;
|
||||
*upper += info.RegionSize;
|
||||
} while (size < it->SizeOfImage);
|
||||
return 1;
|
||||
}
|
||||
it = (PLDR_DATA_TABLE_ENTRY)it->InLoadOrderModuleList.Flink;
|
||||
if (it->InLoadOrderModuleList.Flink == begin)
|
||||
break;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD SearchPattern(DWORD base, DWORD base_length, LPCVOID search, DWORD search_length) // KMP
|
||||
{
|
||||
__asm
|
||||
|
@ -11,7 +11,6 @@
|
||||
|
||||
// jichi 8/24/2013: Why extern "C"? Any specific reason to use C instead of C++ naming?
|
||||
extern "C" {
|
||||
int FillRange(LPCWSTR name,DWORD *lower, DWORD *upper);
|
||||
|
||||
// jichi 10/1/2013: Return 0 if failed. So, it is ambiguous if the search pattern starts at 0
|
||||
DWORD SearchPattern(DWORD base, DWORD base_length, LPCVOID search, DWORD search_length); // KMP
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -8,13 +8,13 @@
|
||||
|
||||
struct HookParam; // defined in ith types.h
|
||||
|
||||
extern DWORD processStartAddress, processStopAddress;
|
||||
|
||||
namespace Engine {
|
||||
|
||||
// Global variables
|
||||
extern wchar_t *process_name_, // cached
|
||||
process_path_[MAX_PATH]; // cached
|
||||
extern DWORD process_base,
|
||||
process_limit;
|
||||
extern wchar_t *processName, // cached
|
||||
processPath[MAX_PATH]; // cached
|
||||
|
||||
//extern LPVOID trigger_addr;
|
||||
typedef bool (* trigger_fun_t)(LPVOID addr, DWORD frame, DWORD stack);
|
||||
|
@ -24,8 +24,8 @@ enum { MAX_REL_ADDR = 0x200000 }; // jichi 8/18/2013: maximum relative address
|
||||
|
||||
namespace Engine {
|
||||
|
||||
WCHAR *process_name_, // cached
|
||||
process_path_[MAX_PATH]; // cached
|
||||
WCHAR *processName, // cached
|
||||
processPath[MAX_PATH]; // cached
|
||||
|
||||
DWORD process_base,
|
||||
process_limit;
|
||||
@ -419,7 +419,7 @@ bool DetermineEngineByFile4()
|
||||
bool DetermineEngineByProcessName()
|
||||
{
|
||||
WCHAR str[MAX_PATH];
|
||||
wcscpy(str, process_name_);
|
||||
wcscpy(str, processName);
|
||||
_wcslwr(str); // lower case
|
||||
|
||||
if (wcsstr(str,L"reallive") || Util::CheckFile(L"Reallive.exe") || Util::CheckFile(L"REALLIVEDATA\\Start.ini")) {
|
||||
@ -478,7 +478,7 @@ bool DetermineEngineByProcessName()
|
||||
// return true;
|
||||
//}
|
||||
|
||||
if (wcsstr(process_name_, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart
|
||||
if (wcsstr(processName, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart
|
||||
InsertMarineHeartHook();
|
||||
return true;
|
||||
}
|
||||
@ -766,16 +766,16 @@ bool DetermineNoEngine()
|
||||
return true;
|
||||
}
|
||||
|
||||
if (wcsstr(process_name_, L"lcsebody") || !wcsncmp(process_name_, L"lcsebo~", 7) || Util::CheckFile(L"lcsebody*")) { // jichi 3/19/2014: LC-ScriptEngine, GetGlyphOutlineA
|
||||
if (wcsstr(processName, L"lcsebody") || !wcsncmp(processName, L"lcsebo~", 7) || Util::CheckFile(L"lcsebody*")) { // jichi 3/19/2014: LC-ScriptEngine, GetGlyphOutlineA
|
||||
ConsoleOutput("vnreng: IGNORE lcsebody");
|
||||
return true;
|
||||
}
|
||||
|
||||
wchar_t str[MAX_PATH];
|
||||
DWORD i;
|
||||
for (i = 0; process_name_[i]; i++) {
|
||||
str[i] = process_name_[i];
|
||||
if (process_name_[i] == L'.')
|
||||
for (i = 0; processName[i]; i++) {
|
||||
str[i] = processName[i];
|
||||
if (processName[i] == L'.')
|
||||
break;
|
||||
}
|
||||
*(DWORD *)(str + i + 1) = 0x630068; //.hcb
|
||||
@ -791,15 +791,15 @@ bool DetermineNoEngine()
|
||||
EXCEPTION_DISPOSITION ExceptHandler(PEXCEPTION_RECORD ExceptionRecord, LPVOID, PCONTEXT, LPVOID)
|
||||
{
|
||||
if (ExceptionRecord->ExceptionCode == STATUS_ACCESS_VIOLATION) {
|
||||
process_limit = ExceptionRecord->ExceptionInformation[1];
|
||||
processStopAddress = ExceptionRecord->ExceptionInformation[1];
|
||||
//OutputDWORD(process_limit);
|
||||
__asm
|
||||
{
|
||||
mov eax,fs:[0x30] // jichi 12/13/2013: get PEB
|
||||
mov eax,[eax+0xc]
|
||||
mov eax,[eax+0xc]
|
||||
mov ecx,process_limit
|
||||
sub ecx,process_base
|
||||
mov ecx,processStopAddress
|
||||
sub ecx,processStartAddress
|
||||
mov [eax+0x20],ecx
|
||||
}
|
||||
}
|
||||
@ -884,22 +884,10 @@ bool DetermineEngineType()
|
||||
HANDLE hijackThread;
|
||||
DWORD WINAPI hijackThreadProc(LPVOID unused)
|
||||
{
|
||||
//CC_UNUSED(lpThreadParameter);
|
||||
|
||||
//static bool done = false;
|
||||
//if (done)
|
||||
// return;
|
||||
//done = true;
|
||||
|
||||
// jichi 12/18/2013: Though FillRange could raise, it should never raise for he current process
|
||||
// So, SEH is not used here.
|
||||
|
||||
// Initialize shared process name and path
|
||||
wchar_t* p = GetModuleFileNameW(nullptr, process_path_, MAX_PATH) + process_path_;
|
||||
while (*(--p) != L'\\');
|
||||
process_name_ = p + 1;
|
||||
GetModuleFileNameW(nullptr, processPath, MAX_PATH);
|
||||
processName = wcsrchr(processPath, L'\\') + 1;
|
||||
|
||||
FillRange(process_name_, &process_base, &process_limit);
|
||||
DetermineEngineType();
|
||||
return 0;
|
||||
}
|
||||
@ -929,22 +917,3 @@ void Engine::terminate()
|
||||
}
|
||||
|
||||
// EOF
|
||||
|
||||
/*
|
||||
extern "C" {
|
||||
// http://gmogre3d.googlecode.com/svn-history/r815/trunk/OgreMain/src/WIN32/OgreMinGWSupport.cpp
|
||||
// http://forum.osdev.org/viewtopic.php?f=8&t=22352
|
||||
//#pragma data_seg()
|
||||
//#pragma comment(linker, "/merge:.CRT=.data") // works fine in visual c++ 6
|
||||
//#pragma data_seg()
|
||||
//#pragma comment(linker, "/merge:.CRT=.rdata")
|
||||
// MSVC libs use _chkstk for stack-probing. MinGW equivalent is _alloca.
|
||||
//void _alloca();
|
||||
//void _chkstk() { _alloca(); }
|
||||
|
||||
// MSVC uses security cookies to prevent some buffer overflow attacks.
|
||||
// provide dummy implementations.
|
||||
//void _fastcall __security_check_cookie(intptr_t i) {}
|
||||
void __declspec(naked) __fastcall __security_check_cookie(UINT_PTR cookie) {}
|
||||
}
|
||||
*/
|
||||
|
@ -29,14 +29,6 @@ extern DWORD trigger;
|
||||
extern DWORD processStartAddress,
|
||||
processStopAddress;
|
||||
|
||||
struct FunctionInfo {
|
||||
DWORD addr;
|
||||
DWORD module;
|
||||
DWORD size;
|
||||
LPWSTR name;
|
||||
};
|
||||
extern std::unordered_map<std::string, FunctionInfo> functionInfoByName;
|
||||
|
||||
void InitFilterTable();
|
||||
|
||||
// jichi 9/25/2013: This class will be used by NtMapViewOfSectionfor
|
||||
|
@ -9,6 +9,7 @@
|
||||
#endif // _MSC_VER
|
||||
|
||||
#include "src/main.h"
|
||||
#include "src/engine/engine.h"
|
||||
#include "src/engine/match.h"
|
||||
#include "src/hijack/texthook.h"
|
||||
#include "src/util/growl.h"
|
||||
@ -85,6 +86,11 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
|
||||
|
||||
::processStartAddress = (DWORD)GetModuleHandleW(nullptr);
|
||||
|
||||
// Artikash 7/1/2018: No idea how the everliving fuck this works, but it finds the process stop address.
|
||||
PROCESS_BASIC_INFORMATION info;
|
||||
NtQueryInformationProcess(GetCurrentProcess(), ProcessBasicInformation, &info, sizeof(PROCESS_BASIC_INFORMATION), 0);
|
||||
::processStopAddress = ::processStartAddress + ((LDR_DATA_TABLE_ENTRY*)&info.PebBaseAddress->Ldr->InLoadOrderModuleList.Flink->Flink)->SizeOfImage;
|
||||
|
||||
{
|
||||
wchar_t hm_mutex[0x100];
|
||||
swprintf(hm_mutex, ITH_HOOKMAN_MUTEX_ L"%d", GetCurrentProcessId());
|
||||
|
Loading…
x
Reference in New Issue
Block a user