private IntPtr GetPointer(Process program, string asmName)
{
if (lastPID != program.Id)
{
lastPID = program.Id;
BasePtr = IntPtr.Zero;
}
if (BasePtr != IntPtr.Zero)
{
DateTime now = DateTime.Now;
if (now > LastVerified)
{
bool isValid = Searcher.VerifySignature(program, BasePtr, Signature);
LastVerified = now.AddSeconds(5);
if (!isValid)
{
BasePtr = IntPtr.Zero;
}
}
if (BasePtr != IntPtr.Zero)
{
int offset = CalculateRelative(program);
return(BasePtr + offset);
}
}
if (string.IsNullOrEmpty(asmName))
{
Searcher.MemoryFilter = delegate(MemInfo info) {
return((info.State & 0x1000) != 0 && (info.Protect & 0x40) != 0 && (info.Protect & 0x100) == 0);
};
}
else
{
Tuple <IntPtr, IntPtr> range = ProgramPointer.GetAddressRange(program, asmName);
Searcher.MemoryFilter = delegate(MemInfo info) {
return((ulong)info.BaseAddress >= (ulong)range.Item1 && (ulong)info.BaseAddress <= (ulong)range.Item2 && (info.State & 0x1000) != 0 && (info.Protect & 0x20) != 0 && (info.Protect & 0x100) == 0);
};
}
IntPtr ptr = Searcher.FindSignature(program, Signature);
if (ptr != IntPtr.Zero)
{
BasePtr = ptr;
LastVerified = DateTime.Now.AddSeconds(5);
int offset = CalculateRelative(program);
return(BasePtr + offset);
}
return(IntPtr.Zero);
}
private IntPtr GetPointer(Process program, string asmName)
{
if (lastPID != program.Id)
{
lastPID = program.Id;
BasePtr = IntPtr.Zero;
if (string.IsNullOrEmpty(asmName))
{
Searcher.MemoryFilter = delegate(MemInfo info) {
return((info.State & 0x1000) != 0 && (info.Protect & 0x20) != 0 && (info.Protect & 0x100) == 0);
};
}
else
{
Tuple <IntPtr, IntPtr> range = ProgramPointer.GetAddressRange(program, asmName);
Searcher.MemoryFilter = delegate(MemInfo info) {
return((ulong)info.BaseAddress >= (ulong)range.Item1 && (ulong)info.BaseAddress <= (ulong)range.Item2 && (info.State & 0x1000) != 0 && (info.Protect & 0x20) != 0 && (info.Protect & 0x100) == 0);
};
}
}
if (BasePtr != IntPtr.Zero)
{
int offset = 0;
if (AutoDeref != AutoDeref.None)
{
offset = program.Read <int>(BasePtr + Offset) + 4;
}
return(BasePtr + Offset + offset);
}
else
{
IntPtr ptr = Searcher.FindSignature(program, Signature);
if (ptr != IntPtr.Zero)
{
BasePtr = ptr;
int offset = 0;
if (AutoDeref != AutoDeref.None)
{
offset = program.Read <int>(BasePtr + Offset) + 4;
}
return(BasePtr + Offset + offset);
}
}
return(IntPtr.Zero);
}
public IntPtr FindPointer(Process program, string asmName)
{
if (lastPID != program.Id)
{
lastPID = program.Id;
if (string.IsNullOrEmpty(asmName))
{
BasePtr = program.MainModule.BaseAddress;
}
else
{
Tuple <IntPtr, IntPtr> range = ProgramPointer.GetAddressRange(program, asmName);
BasePtr = range.Item1;
}
}
return(program.Read <IntPtr>(BasePtr, Offsets));
}
public IntPtr FindPointer(Process program, string asmName)
{
IntPtr startAddress;
if (string.IsNullOrEmpty(asmName))
{
startAddress = program.MainModule.BaseAddress;
}
else
{
Tuple <IntPtr, IntPtr> range = ProgramPointer.GetAddressRange(program, asmName);
startAddress = range.Item1;
}
if (MemoryReader.is64Bit)
{
return((IntPtr)program.Read <ulong>(startAddress, Offsets));
}
else
{
return((IntPtr)program.Read <uint>(startAddress, Offsets));
}
}
private IntPtr GetPointer(Process program, string asmName)
{
if (BasePtr == IntPtr.Zero)
{
ulong rva = Decompiler.GetRVA(FullName);
if (string.IsNullOrEmpty(asmName))
{
BasePtr = program.MainModule.BaseAddress + (int)rva + Offset;
}
else
{
Tuple <IntPtr, IntPtr> range = ProgramPointer.GetAddressRange(program, asmName);
BasePtr = range.Item1 + (int)rva + Offset;
}
}
int offset = 0;
if (AutoDeref != AutoDeref.None)
{
offset = program.Read <int>(BasePtr) + 4;
}
return(BasePtr + offset);
}