public T GetStructure <T>(IntPtr address, int offset = 0)
{
IntPtr buffer = Marshal.AllocCoTaskMem(Marshal.SizeOf(typeof(T)));
UnsafeNativeMethods.ReadProcessMemory(this.Configuration.ProcessModel.Process.Handle, address + offset, buffer, new IntPtr(Marshal.SizeOf(typeof(T))), out IntPtr bytesRead);
T retValue = (T)Marshal.PtrToStructure(buffer, typeof(T));
Marshal.FreeCoTaskMem(buffer);
return(retValue);
}
private void ResolveLocations(IntPtr baseAddress, IntPtr searchStart, IntPtr searchEnd, ref List <Signature> notFound)
{
const int bufferSize = 0x1200;
const int regionIncrement = 0x1000;
byte[] buffer = new byte[bufferSize];
List <Signature> temp = new List <Signature>();
var regionCount = 0;
while (searchStart.ToInt64() < searchEnd.ToInt64())
{
try {
IntPtr lpNumberOfBytesRead;
var regionSize = new IntPtr(bufferSize);
if (IntPtr.Add(searchStart, bufferSize).ToInt64() > searchEnd.ToInt64())
{
regionSize = (IntPtr)(searchEnd.ToInt64() - searchStart.ToInt64());
}
if (UnsafeNativeMethods.ReadProcessMemory(MemoryHandler.Instance.ProcessHandle, searchStart, buffer, regionSize, out lpNumberOfBytesRead))
{
foreach (Signature signature in notFound)
{
var index = this.FindSuperSignature(buffer, this.SignatureToByte(signature.Value, WildCardChar));
if (index < 0)
{
temp.Add(signature);
continue;
}
var baseResult = new IntPtr((long)(baseAddress + regionCount * regionIncrement));
IntPtr searchResult = IntPtr.Add(baseResult, index + signature.Offset);
signature.SigScanAddress = new IntPtr(searchResult.ToInt64());
if (!this.Locations.ContainsKey(signature.Key))
{
this.Locations.Add(signature.Key, signature);
}
}
notFound = new List <Signature>(temp);
temp.Clear();
}
regionCount++;
searchStart = IntPtr.Add(searchStart, regionIncrement);
}
catch (Exception ex) {
MemoryHandler.Instance.RaiseException(Logger, ex, true);
}
}
}
private void ResolveLocations(IntPtr baseAddress, IntPtr searchStart, IntPtr searchEnd, ref List <Signature> unresolvedSignatures)
{
byte[] buffer = new byte[BufferSize];
List <Signature> temp = new List <Signature>();
int regionCount = 0;
while (searchStart.ToInt64() < searchEnd.ToInt64())
{
try {
IntPtr regionSize = new IntPtr(BufferSize);
if (IntPtr.Add(searchStart, BufferSize).ToInt64() > searchEnd.ToInt64())
{
regionSize = (IntPtr)(searchEnd.ToInt64() - searchStart.ToInt64());
}
if (UnsafeNativeMethods.ReadProcessMemory(this._memoryHandler.ProcessHandle, searchStart, buffer, regionSize, out IntPtr _))
{
foreach (Signature unresolvedSignature in unresolvedSignatures)
{
int index = this.FindSuperSignature(buffer, this.SignatureToByte(unresolvedSignature.Value, WildCardChar));
if (index < 0)
{
temp.Add(unresolvedSignature);
continue;
}
IntPtr baseResult = new IntPtr((long)(baseAddress + regionCount * RegionIncrement));
IntPtr searchResult = IntPtr.Add(baseResult, index + unresolvedSignature.Offset);
unresolvedSignature.SigScanAddress = new IntPtr(searchResult.ToInt64());
if (!this.Locations.ContainsKey(unresolvedSignature.Key))
{
this.Locations.TryAdd(unresolvedSignature.Key, new MemoryLocation(unresolvedSignature, this._memoryHandler));
}
}
unresolvedSignatures = new List <Signature>(temp);
temp.Clear();
}
regionCount++;
searchStart = IntPtr.Add(searchStart, RegionIncrement);
}
catch (Exception ex) {
this._memoryHandler.RaiseException(Logger, ex);
}
}
}
public T[] GetArray <T>(IntPtr address, int count, int offset = 0) where T : struct
{
unsafe {
T[] objArray = new T[count];
IntPtr lpNumberOfBytesRead;
IntPtr buffer = Marshal.AllocCoTaskMem(Marshal.SizeOf(typeof(T)) * count);
UnsafeNativeMethods.ReadProcessMemory(this.ProcessModel.Process.Handle, address + offset, buffer, new IntPtr(Marshal.SizeOf(typeof(T)) * count), out lpNumberOfBytesRead);
int index = 0;
if (0 < count)
{
do
{
long num = Marshal.SizeOf(typeof(T)) * index;
IntPtr ptr = new IntPtr((byte *)buffer + num);
objArray[index] = (T)Marshal.PtrToStructure(ptr, typeof(T));
++index;
}while (index < count);
}
Marshal.FreeCoTaskMem(buffer);
return(objArray);
}
}
public bool Peek(IntPtr address, byte[] buffer)
{
IntPtr lpNumberOfBytesRead;
return(UnsafeNativeMethods.ReadProcessMemory(Instance.ProcessHandle, address, buffer, new IntPtr(buffer.Length), out lpNumberOfBytesRead));
}
public bool Peek(IntPtr address, byte[] buffer)
{
return(UnsafeNativeMethods.ReadProcessMemory(this.ProcessHandle, address, buffer, new IntPtr(buffer.Length), out IntPtr bytesRead));
}