Esempio n. 1
        /// <summary>
        /// Resolves the address stored under the "LevelArea" symbol. The symbol map is asked
        /// first; if it has no entry, the address is recovered by a byte-signature search of
        /// <paramref name="data"/> restricted to the .rdata and .text sections.
        /// </summary>
        /// <param name="data">Raw image bytes; parsed by PEHeaderReader and searched for the signatures.</param>
        /// <param name="symbols">Symbol map consulted up front and updated via Override when the search succeeds.</param>
        /// <returns>The resolved address, or 0 when it could not be resolved.</returns>
        private static uint GetStatic_LevelArea(byte[] data, SymbolMap symbols)
        {
            const string key = "LevelArea";

            // A non-zero answer from the symbol map short-circuits the whole search.
            var known = symbols.BestMatch(key);
            if (known != 0)
            {
                return known;
            }

            // The verification step below reads through Engine.Current.
            if (Engine.Current == null)
            {
                return 0;
            }

            try
            {
                var header = new PEHeaderReader(data);

                // NOTE(review): FirstOrDefault yields a default value when a section is absent and
                // nothing here checks for that; a missing section is only handled if it happens to
                // throw further down - confirm against PEHeaderReader's section type.
                var rdata = header.ImageSectionHeaders.FirstOrDefault(h => h.Section.TrimEnd('\0') == ".rdata");
                var text = header.ImageSectionHeaders.FirstOrDefault(h => h.Section.TrimEnd('\0') == ".text");

                // Added to an index into 'data' inside .rdata to obtain the value searched for in .text.
                uint fileToVirtual = rdata.VirtualAddress - rdata.PointerToRawData + header.OptionalHeader32.ImageBase;

                // Step 1: find the ASCII string inside the raw bytes of .rdata.
                // NOTE(review): the value NextMatch returns when nothing is found is not visible
                // here; it is used unchecked in the arithmetic below - confirm.
                var namePattern = new BinaryPattern(Encoding.ASCII.GetBytes("UIMinimapToggle"));
                var nameIndex = namePattern.NextMatch(data, (int)rdata.PointerToRawData, (int)rdata.SizeOfRawData);
                var pName = (uint)(fileToVirtual + nameIndex);

                // Step 2: find the byte sequence in .text that embeds pName after a 0x68 byte.
                // Dots stand for bytes that are not compared.
                var signature =
                    $"68{pName.ToPattern()}" +
                    "A3........" +
                    "C705................" +
                    "C705................" +
                    "E8........" +
                    "68........" +
                    "A3........" +
                    "C705........|........|";

                // The pattern text ahead of the first '|' spells out 51 bytes, so +51 indexes the four
                // bytes written between the '|' marks (assuming Parse does not count '|' as a byte - confirm).
                var operandIndex = BinaryPattern.Parse(signature).NextMatch(data, (int)text.PointerToRawData, (int)text.SizeOfRawData) + 51;
                var pMethod = BitConverter.ToUInt32(data, operandIndex);

                // Step 3: accept the result only if the bytes at pMethod are 8B 0D (on x86 the encoding of
                // "mov ecx, dword ptr [imm32]"); the 32-bit value that follows is taken as the address.
                var startsAsExpected =
                    Engine.Current.Memory.Reader.Read<byte>(pMethod + 0x00) == 0x8B &&
                    Engine.Current.Memory.Reader.Read<byte>(pMethod + 0x01) == 0x0D;
                if (!startsAsExpected)
                {
                    return 0;
                }

                var address = Engine.Current.Memory.Reader.Read<uint>(pMethod + 0x02);
                symbols.Override(key, address);
                return address;
            }
            catch
            {
                // Best effort: every exception from parsing, searching or reading is discarded and the
                // caller sees 0, so a failed search is indistinguishable from a malformed image.
            }

            return 0;
        }
Esempio n. 2
        /// <summary>
        /// Resolves the address stored under the "LevelArea" symbol. The symbol map is asked
        /// first; if it has no entry, the address is recovered by a byte-signature search over
        /// the whole of <paramref name="data"/>, using a hard-coded offset.
        /// </summary>
        /// <param name="data">Raw bytes that are searched for the signatures.</param>
        /// <param name="symbols">Symbol map consulted up front and updated via Override when the search succeeds.</param>
        /// <returns>The resolved address, or 0 when it could not be resolved.</returns>
        private static uint GetStatic_LevelArea(byte[] data, SymbolMap symbols)
        {
            const string key = "LevelArea";

            // A non-zero answer from the symbol map short-circuits the whole search.
            var known = symbols.BestMatch(key);
            if (known != 0)
            {
                return known;
            }

            // The verification step below reads through Engine.Current.
            if (Engine.Current == null)
            {
                return 0;
            }

            try
            {
                // TODO: Calculate offset from PE info.
                // The constant is only valid for an image laid out the way this value assumes.
                const uint fileToVirtual = 0x801600;

                // TODO: Search in .rdata segment only.
                // Step 1: find the ASCII string, scanning from index 0 of the buffer.
                // NOTE(review): the value NextMatch returns when nothing is found is not visible
                // here; it is used unchecked in the arithmetic below - confirm.
                var namePattern = new BinaryPattern(Encoding.ASCII.GetBytes("UIMinimapToggle"));
                var nameIndex = namePattern.NextMatch(data, 0);
                var pName = (uint)(fileToVirtual + nameIndex);

                // TODO: Search in .text segment only
                // Step 2: find the byte sequence that embeds pName after a 0x68 byte.
                // Dots stand for bytes that are not compared.
                var signature =
                    $"68{pName.ToPattern()}" +
                    "A3........" +
                    "C705................" +
                    "C705................" +
                    "E8........" +
                    "68........" +
                    "A3........" +
                    "C705........|........|";

                // The pattern text ahead of the first '|' spells out 51 bytes, so +51 indexes the four
                // bytes written between the '|' marks (assuming Parse does not count '|' as a byte - confirm).
                var operandIndex = BinaryPattern.Parse(signature).NextMatch(data, 0) + 51;
                var pMethod = BitConverter.ToUInt32(data, operandIndex);

                // Step 3: accept the result only if the bytes at pMethod are 8B 0D (on x86 the encoding of
                // "mov ecx, dword ptr [imm32]"); the 32-bit value that follows is taken as the address.
                var startsAsExpected =
                    Engine.Current.Memory.Reader.Read<byte>(pMethod + 0x00) == 0x8B &&
                    Engine.Current.Memory.Reader.Read<byte>(pMethod + 0x01) == 0x0D;
                if (!startsAsExpected)
                {
                    return 0;
                }

                var address = Engine.Current.Memory.Reader.Read<uint>(pMethod + 0x02);
                symbols.Override(key, address);
                return address;
            }
            catch
            {
                // Best effort: every exception from searching or reading is discarded and the
                // caller sees 0, so the cause of a failed search is not reported anywhere.
            }

            return 0;
        }
Esempio n. 3
        /// <summary>
        /// Parses a textual code pattern into a <see cref="CodePattern"/>. Characters accepted by
        /// IsClean are collected and handed to BinaryPattern.Parse; "{name}" records a named marker
        /// at the current byte position; '|' delimits operation ranges. Any other character is skipped.
        /// </summary>
        /// <param name="pattern">The pattern text to parse.</param>
        /// <returns>
        /// A CodePattern holding the binary pattern, the operation ranges, and the marker list
        /// (null when the text contains no marker).
        /// </returns>
        /// <exception cref="FormatException">
        /// A '{' appears inside an open marker, a marker is never closed, or a marker or a range end
        /// falls on an odd character count (half a byte).
        /// </exception>
        public static CodePattern Parse(string pattern)
        {
            var hex = new StringBuilder(pattern.Length);
            var operations = new List<Range>();

            // Created on the first marker only, so a pattern without markers reports null.
            List<CodePatternMarker> markers = null;

            // Non-null while the characters between '{' and '}' are being collected.
            string markerName = null;

            // NOTE(review): "current != default(Range)" is used as the "a range is open" test;
            // whether a range that starts at byte 0 passes it depends on how Range defines
            // equality, which is not visible here - confirm.
            var current = new Range(0, 0);

            foreach (var c in pattern)
            {
                if (c == '{')
                {
                    // Markers do not nest.
                    if (markerName != null)
                    {
                        throw new FormatException();
                    }
                    markerName = "";
                    continue;
                }

                if (markerName != null)
                {
                    if (c != '}')
                    {
                        markerName += c;
                        continue;
                    }

                    // Two pattern characters make one byte; a marker must sit on a byte boundary.
                    var markerAt = hex.Length;
                    if ((markerAt & 1) != 0)
                    {
                        throw new FormatException();
                    }
                    if (markers == null)
                    {
                        markers = new List<CodePatternMarker>();
                    }
                    markers.Add(new CodePatternMarker {
                        Name = markerName, Position = markerAt / 2
                    });
                    markerName = null;
                    continue;
                }

                // IsClean is defined elsewhere; presumably it accepts the hex digits and wildcards.
                if (IsClean(c))
                {
                    hex.Append(c);
                    continue;
                }

                if (c != '|')
                {
                    continue;
                }

                // A '|' finishes the open range, if any, and always begins a new one at this position.
                // The byte-boundary check is applied only when a range is being finished.
                var boundary = hex.Length;
                if (current != default(Range))
                {
                    if ((boundary & 1) != 0)
                    {
                        throw new FormatException();
                    }
                    current.Size = boundary / 2 - current.Start;
                    operations.Add(current);
                }
                current = new Range(boundary / 2, 0);
            }

            if (markerName != null)
            {
                throw new FormatException();
            }

            // A range still open at the end of the text runs to the end of the pattern.
            if (current != default(Range))
            {
                var end = hex.Length;
                if ((end & 1) != 0)
                {
                    throw new FormatException();
                }
                current.Size = end / 2 - current.Start;
                operations.Add(current);
            }

            var binary = BinaryPattern.Parse(hex.ToString());
            return new CodePattern {
                Markers = markers, Binary = binary, Operations = operations
            };
        }