├── .gitattributes ├── MemChunk.c ├── MemChunk.h ├── MemProc.h ├── .gitignore └── MemProc.c /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | 4 | # Custom for Visual Studio 5 | *.cs diff=csharp 6 | *.sln merge=union 7 | *.csproj merge=union 8 | *.vbproj merge=union 9 | *.fsproj merge=union 10 | *.dbproj merge=union 11 | 12 | # Standard to msysgit 13 | *.doc diff=astextplain 14 | *.DOC diff=astextplain 15 | *.docx diff=astextplain 16 | *.DOCX diff=astextplain 17 | *.dot diff=astextplain 18 | *.DOT diff=astextplain 19 | *.pdf diff=astextplain 20 | *.PDF diff=astextplain 21 | *.rtf diff=astextplain 22 | *.RTF diff=astextplain 23 | -------------------------------------------------------------------------------- /MemChunk.c: -------------------------------------------------------------------------------- 1 | #include "MemChunk.h" 2 | 3 | #define __DEBUG_OBJECT__ "MemChunk" 4 | #include "dbg/dbg.h" 5 | 6 | MemChunk * 7 | memchunk_new (HANDLE hProc, MEMORY_BASIC_INFORMATION *meminfo) 8 | { 9 | MemChunk *mem; 10 | 11 | if ((mem = malloc(sizeof(MemChunk))) == NULL) 12 | return NULL; 13 | 14 | mem->proc = hProc; 15 | 16 | mem->addr = (DWORD) meminfo->BaseAddress; 17 | mem->size = meminfo->RegionSize; 18 | dbg ("MemChunk size allocated = 0x%x", mem->size); 19 | 20 | mem->buffer = malloc (meminfo->RegionSize); 21 | memset(mem->buffer, 0, meminfo->RegionSize); 22 | 23 | mem->matches = bb_queue_new(); 24 | 25 | memchunk_read_from_memory(mem); 26 | 27 | return mem; 28 | } 29 | 30 | inline void 31 | memchunk_read_from_memory (MemChunk *mem) 32 | { 33 | read_from_memory(mem->proc, mem->buffer, mem->addr, mem->size); 34 | } 35 | 36 | void 37 | memchunk_debug (MemChunk *mc) 38 | { 39 | printf("Addr : 0x%.8x - 0x%.8x (%d bytes) \n", (int) mc->addr, (int) mc->addr + mc->size, mc->size); 40 | } 41 | 42 | void 43 | memchunk_full_debug (MemChunk *mc) 44 | { 45 | memchunk_debug(mc); 46 | 47 | for (unsigned int i = 0; i < mc->size; i++) 48 | printf("0x%.2x ", mc->buffer[i]); 49 | 50 | printf("\n"); 51 | } 52 | 53 | 54 | void 55 | memchunk_free (MemChunk *memchunk) 56 | { 57 | if (memchunk != NULL) 58 | { 59 | free (memchunk); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /MemChunk.h: -------------------------------------------------------------------------------- 1 | // --- Author : Moreau Cyril - Spl3en 2 | // --- File : MemChunk.h 3 | // --- Date : 2013-03-04-22.10.17 4 | // --- Version : 1.0 5 | 6 | #ifndef MemChunk_H_INCLUDED 7 | #define MemChunk_H_INCLUDED 8 | 9 | 10 | // ---------- Includes ------------ 11 | #include 12 | #include 13 | #include 14 | #include "../BbQueue/BbQueue.h" 15 | #include "../Win32Tools/Win32Tools.h" 16 | 17 | // ---------- Defines ------------- 18 | 19 | typedef enum { 20 | 21 | MEM_TYPE_IMAGE = 0, 22 | MEM_TYPE_MAPPED = 1, 23 | MEM_TYPE_PRIVATE = 2, 24 | 25 | } MemType; 26 | 27 | // ------ Struct declaration ------- 28 | typedef 29 | struct _MemChunk 30 | { 31 | HANDLE proc; 32 | DWORD addr; 33 | 34 | unsigned char *buffer; 35 | unsigned int size; 36 | MemType type; 37 | 38 | BbQueue *matches; 39 | 40 | } MemChunk; 41 | 42 | 43 | 44 | // --------- Constructors --------- 45 | 46 | MemChunk * 47 | memchunk_new (HANDLE hProc, MEMORY_BASIC_INFORMATION *meminfo); 48 | 49 | void 50 | memchunk_init (MemChunk *mem, HANDLE hProc, MEMORY_BASIC_INFORMATION *meminfo); 51 | 52 | 53 | // ----------- Functions ------------ 54 | 55 | void 56 | memchunk_read_from_memory (MemChunk *mem); 57 | 58 | void 59 | memchunk_set_update (MemChunk *mem, char to_update); 60 | 61 | 62 | void 63 | memchunk_debug (MemChunk *mc); 64 | 65 | void 66 | memchunk_full_debug (MemChunk *mc); 67 | 68 | 69 | 70 | // --------- Destructors ---------- 71 | 72 | void 73 | memchunk_free (MemChunk *memchunk); 74 | 75 | 76 | 77 | 78 | 79 | 80 | #endif // MemChunk_INCLUDED 81 | -------------------------------------------------------------------------------- /MemProc.h: -------------------------------------------------------------------------------- 1 | // --- Author : Moreau Cyril - Spl3en - Credits to gimmeamilk (http://www.youtube.com/watch?v=YRPMdb1YMS8) 2 | // --- File : MemProc.h 3 | // --- Date : 2013-03-04-22.14.43 4 | // --- Version : 1.0 5 | 6 | #ifndef MemProc_H_INCLUDED 7 | #define MemProc_H_INCLUDED 8 | 9 | 10 | // ---------- Includes ------------ 11 | #include 12 | #include "MemChunk.h" 13 | #include "BbQueue/BbQueue.h" 14 | #include "Win32Tools/Win32Tools.h" 15 | #include "Console/Console.h" 16 | 17 | // ---------- Defines ------------- 18 | 19 | 20 | // ------ Struct declaration ------- 21 | typedef enum { 22 | 23 | SEARCH_TYPE_BYTES = -1, 24 | SEARCH_TYPE_INTEGER, 25 | SEARCH_TYPE_FLOAT, 26 | SEARCH_TYPE_STRING, 27 | 28 | } SearchType; 29 | 30 | 31 | typedef 32 | struct _MemProc 33 | { 34 | BbQueue *memchunks; 35 | HANDLE proc; 36 | HWND hwnd; 37 | SearchType stype; 38 | int mask_len; 39 | 40 | int pid; 41 | char *window_name; 42 | char *process_name; 43 | 44 | DWORD base_addr; 45 | DWORD default_baseaddr; 46 | 47 | } MemProc; 48 | 49 | 50 | typedef struct _MemBlock 51 | { 52 | void *data; 53 | DWORD addr; 54 | int size; 55 | MemType type; 56 | 57 | char to_update; 58 | 59 | } MemBlock; 60 | 61 | typedef struct ImageSectionInfo 62 | { 63 | char SectionName[IMAGE_SIZEOF_SHORT_NAME]; 64 | char *SectionAddress; 65 | int SectionSize; 66 | 67 | } ImageSectionInfo; 68 | 69 | // --------- Constructors --------- 70 | 71 | MemProc * 72 | memproc_new (char *process_name, char *window_name); 73 | 74 | 75 | MemBlock * 76 | memblock_new (void *data, DWORD addr, int size, MemType type); 77 | 78 | // ----------- Functions ------------ 79 | 80 | void 81 | memproc_debug (MemProc *mp); 82 | 83 | void 84 | memproc_full_debug (MemProc *mp); 85 | 86 | void 87 | memproc_search (MemProc *mp, unsigned char *pattern, char *mask, void (*pre_search)(MemChunk *, float prct), SearchType stype); 88 | 89 | void 90 | memproc_update (MemProc *mp, BbQueue *memblocks); 91 | 92 | void 93 | memproc_dump (MemProc *mp, int start, int end); 94 | 95 | void 96 | memproc_dump_sections (MemProc *mp, int start, int nbSections); 97 | 98 | void 99 | memproc_dump_details (MemProc *mp, int start, int end, int nbSections, int (*boolean_function) (MEMORY_BASIC_INFORMATION *, void *), void *arg); 100 | 101 | int 102 | memproc_is_dumped (MemProc *mp); 103 | 104 | bool 105 | memproc_refresh_handle (MemProc *mp); 106 | 107 | BbQueue * 108 | memproc_get_res (MemProc *mp); 109 | 110 | void 111 | memproc_search_float (MemProc *mp, float value, void (*pre_search)(MemChunk *, float prct)); 112 | 113 | void 114 | memproc_search_integer (MemProc *mp, int value, void (*pre_search)(MemChunk *, float prct)); 115 | 116 | void 117 | memproc_search_text (MemProc *mp, char *text, char *mask, void (*pre_search)(MemChunk *, float prct)); 118 | 119 | void 120 | memproc_search_changed (MemProc *mp, void (*pre_search)(MemChunk *, float prct)); 121 | 122 | void 123 | memblock_read_from_memory (MemProc *mp, MemBlock *mem); 124 | 125 | void 126 | memproc_set_absolute_addr (MemProc *mp, DWORD *addr); 127 | 128 | void 129 | memproc_set_default_baseaddr (MemProc *mp, int default_baseaddr); 130 | 131 | void 132 | memblock_debug (MemBlock *mb); 133 | 134 | bool 135 | memproc_detected (MemProc *mp); 136 | 137 | // Directly in the process 138 | DWORD 139 | mem_search (DWORD start, DWORD size, unsigned char *pattern, char *mask); 140 | 141 | // --------- Destructors ---------- 142 | 143 | void 144 | memproc_clear (MemProc *memproc); 145 | 146 | void 147 | memproc_free (MemProc *memproc); 148 | 149 | 150 | void 151 | memblock_free (MemBlock *m); 152 | 153 | 154 | 155 | 156 | #endif // MemProc_INCLUDED 157 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ################# 2 | ## Eclipse 3 | ################# 4 | 5 | *.pydevproject 6 | .project 7 | .metadata 8 | bin/ 9 | tmp/ 10 | *.tmp 11 | *.bak 12 | *.swp 13 | *~.nib 14 | local.properties 15 | .classpath 16 | .settings/ 17 | .loadpath 18 | 19 | # External tool builders 20 | .externalToolBuilders/ 21 | 22 | # Locally stored "Eclipse launch configurations" 23 | *.launch 24 | 25 | # CDT-specific 26 | .cproject 27 | 28 | # PDT-specific 29 | .buildpath 30 | 31 | 32 | ################# 33 | ## Visual Studio 34 | ################# 35 | 36 | ## Ignore Visual Studio temporary files, build results, and 37 | ## files generated by popular Visual Studio add-ons. 38 | 39 | # User-specific files 40 | *.suo 41 | *.user 42 | *.sln.docstates 43 | 44 | # Build results 45 | 46 | [Dd]ebug/ 47 | [Rr]elease/ 48 | x64/ 49 | build/ 50 | [Bb]in/ 51 | [Oo]bj/ 52 | 53 | # MSTest test Results 54 | [Tt]est[Rr]esult*/ 55 | [Bb]uild[Ll]og.* 56 | 57 | *_i.c 58 | *_p.c 59 | *.ilk 60 | *.meta 61 | *.obj 62 | *.pch 63 | *.pdb 64 | *.pgc 65 | *.pgd 66 | *.rsp 67 | *.sbr 68 | *.tlb 69 | *.tli 70 | *.tlh 71 | *.tmp 72 | *.tmp_proj 73 | *.log 74 | *.vspscc 75 | *.vssscc 76 | .builds 77 | *.pidb 78 | *.log 79 | *.scc 80 | 81 | # Visual C++ cache files 82 | ipch/ 83 | *.aps 84 | *.ncb 85 | *.opensdf 86 | *.sdf 87 | *.cachefile 88 | 89 | # Visual Studio profiler 90 | *.psess 91 | *.vsp 92 | *.vspx 93 | 94 | # Guidance Automation Toolkit 95 | *.gpState 96 | 97 | # ReSharper is a .NET coding add-in 98 | _ReSharper*/ 99 | *.[Rr]e[Ss]harper 100 | 101 | # TeamCity is a build add-in 102 | _TeamCity* 103 | 104 | # DotCover is a Code Coverage Tool 105 | *.dotCover 106 | 107 | # NCrunch 108 | *.ncrunch* 109 | .*crunch*.local.xml 110 | 111 | # Installshield output folder 112 | [Ee]xpress/ 113 | 114 | # DocProject is a documentation generator add-in 115 | DocProject/buildhelp/ 116 | DocProject/Help/*.HxT 117 | DocProject/Help/*.HxC 118 | DocProject/Help/*.hhc 119 | DocProject/Help/*.hhk 120 | DocProject/Help/*.hhp 121 | DocProject/Help/Html2 122 | DocProject/Help/html 123 | 124 | # Click-Once directory 125 | publish/ 126 | 127 | # Publish Web Output 128 | *.Publish.xml 129 | *.pubxml 130 | 131 | # NuGet Packages Directory 132 | ## TODO: If you have NuGet Package Restore enabled, uncomment the next line 133 | #packages/ 134 | 135 | # Windows Azure Build Output 136 | csx 137 | *.build.csdef 138 | 139 | # Windows Store app package directory 140 | AppPackages/ 141 | 142 | # Others 143 | sql/ 144 | *.Cache 145 | ClientBin/ 146 | [Ss]tyle[Cc]op.* 147 | ~$* 148 | *~ 149 | *.dbmdl 150 | *.[Pp]ublish.xml 151 | *.pfx 152 | *.publishsettings 153 | 154 | # RIA/Silverlight projects 155 | Generated_Code/ 156 | 157 | # Backup & report files from converting an old project file to a newer 158 | # Visual Studio version. Backup files are not needed, because we have git ;-) 159 | _UpgradeReport_Files/ 160 | Backup*/ 161 | UpgradeLog*.XML 162 | UpgradeLog*.htm 163 | 164 | # SQL Server files 165 | App_Data/*.mdf 166 | App_Data/*.ldf 167 | 168 | ############# 169 | ## Windows detritus 170 | ############# 171 | 172 | # Windows image file caches 173 | Thumbs.db 174 | ehthumbs.db 175 | 176 | # Folder config file 177 | Desktop.ini 178 | 179 | # Recycle Bin used on file shares 180 | $RECYCLE.BIN/ 181 | 182 | # Mac crap 183 | .DS_Store 184 | 185 | 186 | ############# 187 | ## Python 188 | ############# 189 | 190 | *.py[co] 191 | 192 | # Packages 193 | *.egg 194 | *.egg-info 195 | dist/ 196 | build/ 197 | eggs/ 198 | parts/ 199 | var/ 200 | sdist/ 201 | develop-eggs/ 202 | .installed.cfg 203 | 204 | # Installer logs 205 | pip-log.txt 206 | 207 | # Unit test / coverage reports 208 | .coverage 209 | .tox 210 | 211 | #Translations 212 | *.mo 213 | 214 | #Mr Developer 215 | .mr.developer.cfg 216 | -------------------------------------------------------------------------------- /MemProc.c: -------------------------------------------------------------------------------- 1 | #include "MemProc.h" 2 | #include 3 | 4 | #define __DEBUG_OBJECT__ "MemProc" 5 | #include "dbg/dbg.h" 6 | 7 | MemProc * 8 | memproc_new (char *process_name, char *window_name) 9 | { 10 | MemProc *mp; 11 | 12 | if ((mp = calloc (sizeof (MemProc), 1)) == NULL) 13 | return NULL; 14 | 15 | mp->memchunks = NULL; 16 | mp->stype = SEARCH_TYPE_BYTES; 17 | mp->pid = 0; 18 | mp->process_name = strdup(process_name); 19 | mp->window_name = window_name; 20 | mp->base_addr = 0; 21 | mp->default_baseaddr = 0; 22 | 23 | return mp; 24 | } 25 | 26 | bool 27 | memproc_detected (MemProc *mp) 28 | { 29 | return (mp->proc != 0); 30 | } 31 | 32 | int 33 | memproc_is_dumped (MemProc *mp) 34 | { 35 | return mp->memchunks != NULL; 36 | } 37 | 38 | void 39 | memproc_dump_details (MemProc *mp, int start, int end, int nbSections, int (*boolean_function) (MEMORY_BASIC_INFORMATION *, void *), void *arg) 40 | { 41 | MEMORY_BASIC_INFORMATION meminfo; 42 | int addr = start; 43 | int curNbSections = 0; 44 | 45 | if (!mp->proc) 46 | { 47 | warn ("Process pid=%d not found", mp->pid); 48 | return; 49 | } 50 | 51 | mp->memchunks = bb_queue_new (); 52 | 53 | while (1) 54 | { 55 | if (addr >= end && end != -1) 56 | break; 57 | 58 | if (nbSections != -1 && curNbSections >= nbSections) { 59 | break; 60 | } 61 | 62 | if (VirtualQueryEx (mp->proc, (void *) addr, &meminfo, sizeof (meminfo)) == 0) { 63 | dbg ("VirtualQueryEx returned 0"); 64 | break; 65 | } 66 | 67 | if (boolean_function (&meminfo, arg)) 68 | { 69 | MemChunk *mc = memchunk_new (mp->proc, &meminfo); 70 | 71 | switch (meminfo.Type) 72 | { 73 | case MEM_IMAGE: mc->type = MEM_TYPE_IMAGE; break; 74 | case MEM_MAPPED: mc->type = MEM_TYPE_MAPPED; break; 75 | case MEM_PRIVATE: mc->type = MEM_TYPE_PRIVATE; break; 76 | } 77 | 78 | console_set_col (0x07); 79 | bb_queue_add (mp->memchunks, mc); 80 | } 81 | 82 | addr = ((unsigned int) meminfo.BaseAddress + (unsigned int) meminfo.RegionSize); 83 | curNbSections++; 84 | } 85 | } 86 | 87 | static int 88 | memproc_dump_helper (MEMORY_BASIC_INFORMATION *meminfo, void *arg) 89 | { 90 | (void) meminfo; 91 | (void) arg; 92 | 93 | return 1; 94 | } 95 | 96 | void 97 | memproc_dump (MemProc *mp, int start, int end) 98 | { 99 | memproc_dump_details (mp, start, end, -1, memproc_dump_helper, NULL); 100 | } 101 | 102 | void 103 | memproc_dump_sections (MemProc *mp, int start, int nbSections) 104 | { 105 | memproc_dump_details (mp, start, -1, nbSections, memproc_dump_helper, NULL); 106 | } 107 | 108 | void 109 | memproc_set_default_baseaddr (MemProc *mp, int default_baseaddr) 110 | { 111 | mp->default_baseaddr = default_baseaddr; 112 | } 113 | 114 | bool 115 | memproc_refresh_handle (MemProc *mp) 116 | { 117 | if (mp == NULL) 118 | return false; 119 | 120 | // Get the PID 121 | if ((mp->pid = get_pid_by_name (mp->process_name)) == 0) 122 | { 123 | // Process not active 124 | mp->proc = NULL; 125 | warn ("Process \"%s\" not found.", mp->process_name); 126 | return false; 127 | } 128 | 129 | // Get the process handle 130 | if ((mp->proc = OpenProcess (PROCESS_ALL_ACCESS, false, mp->pid)) == 0) 131 | { 132 | warn ("Process is unable to be opened with all access."); 133 | return false; 134 | } 135 | 136 | // Get the base address 137 | if ((mp->base_addr = get_baseaddr (mp->process_name)) == 0) 138 | { 139 | dbg ("Process <%s> not found.", mp->process_name); 140 | mp->base_addr = mp->default_baseaddr; 141 | } 142 | 143 | // Get the window handle 144 | if (mp->window_name != NULL) 145 | { 146 | mp->hwnd = get_hwnd_from_title (mp->window_name); 147 | if (!mp->hwnd) { 148 | warn ("Cannot find the window \"%s\".", mp->window_name); 149 | } 150 | } 151 | 152 | return true; 153 | } 154 | 155 | void 156 | memproc_debug (MemProc *mp) 157 | { 158 | bb_queue_debug_custom_data (mp->memchunks, memchunk_debug); 159 | } 160 | 161 | void 162 | memproc_full_debug (MemProc *mp) 163 | { 164 | bb_queue_debug_custom_data (mp->memchunks, memchunk_full_debug); 165 | } 166 | 167 | void 168 | memproc_search_float (MemProc *mp, float value, void (*pre_search) (MemChunk *, float prct)) 169 | { 170 | char *mask = "xxxx"; 171 | unsigned char pattern[4] = {0, 0, 0, 0}; 172 | memcpy (pattern, &value, 4); 173 | 174 | memproc_search (mp, pattern, mask, pre_search, SEARCH_TYPE_FLOAT); 175 | } 176 | 177 | void 178 | memproc_search_integer (MemProc *mp, int value, void (*pre_search) (MemChunk *, float prct)) 179 | { 180 | char *mask = "xxxx"; 181 | unsigned char pattern[4] = {0, 0, 0, 0}; 182 | memcpy (pattern, &value, 4); 183 | 184 | memproc_search (mp, pattern, mask, pre_search, SEARCH_TYPE_INTEGER); 185 | } 186 | 187 | void 188 | memproc_search_text (MemProc *mp, char *text, char *mask, void (*pre_search) (MemChunk *, float prct)) 189 | { 190 | int len = strlen (text); 191 | 192 | if (mask == NULL) 193 | { 194 | mask = malloc (len + 1); 195 | memset (mask, 'x', len); 196 | mask[len] = '\0'; 197 | } 198 | 199 | memproc_search (mp, (unsigned char *) text, mask, pre_search, SEARCH_TYPE_STRING); 200 | } 201 | 202 | void 203 | memproc_update (MemProc *mp, BbQueue *memblocks) 204 | { 205 | MemBlock *mb; 206 | 207 | foreach_bbqueue_item (memblocks, mb) 208 | { 209 | memblock_read_from_memory (mp, mb); 210 | // TODO : impact de l'update dans le buffer des mc 211 | } 212 | } 213 | 214 | BbQueue * 215 | memblock_get_change (MemProc *mp, BbQueue *res) 216 | { 217 | // TODO 218 | (void) mp; 219 | (void) res; 220 | 221 | return NULL; 222 | } 223 | 224 | DWORD 225 | mem_search (DWORD start, DWORD size, unsigned char *pattern, char *mask) 226 | { 227 | int offset = 0; 228 | 229 | unsigned char * buffer = (char *) start; 230 | 231 | do { 232 | if ((offset = find_pattern (buffer, size, pattern, mask)) != -1) { 233 | return (DWORD) buffer + offset; 234 | } 235 | } while (offset != -1); 236 | 237 | return 0; 238 | } 239 | 240 | 241 | void 242 | memproc_search (MemProc *mp, unsigned char *pattern, char *mask, void (*pre_search) (MemChunk *, float prct), SearchType stype) 243 | { 244 | MemChunk *mc; 245 | int offset; 246 | int total; 247 | int loop = 1; 248 | 249 | if (mp->memchunks == NULL) 250 | { 251 | warn ("No memchunks stored, you must call %s () first", STRINGIFY (memproc_dump)); 252 | return; 253 | } 254 | 255 | mp->mask_len = strlen (mask); 256 | 257 | foreach_bbqueue_item (mp->memchunks, mc) 258 | { 259 | offset = 0; 260 | total = 0; 261 | 262 | if (pre_search != NULL) 263 | pre_search (mc, (float) loop / (float) bb_queue_get_length (mp->memchunks)); 264 | 265 | do 266 | { 267 | if ((offset = find_pattern (mc->buffer + total, mc->size - total, pattern, mask)) != -1) 268 | { 269 | bb_queue_add_raw (mc->matches, total + offset); 270 | total += offset + strlen (mask); 271 | } 272 | 273 | } while (offset != -1); 274 | 275 | loop++; 276 | } 277 | 278 | mp->stype = stype; 279 | } 280 | 281 | BbQueue * 282 | memproc_get_res (MemProc *mp) 283 | { 284 | int offset; 285 | void *data = NULL; 286 | MemBlock *b; 287 | MemChunk *mc; 288 | BbQueue *q = bb_queue_new (); 289 | 290 | foreach_bbqueue_item (mp->memchunks, mc) 291 | { 292 | while (bb_queue_get_length (mc->matches)) 293 | { 294 | offset = (int) bb_queue_pop (mc->matches); 295 | 296 | switch (mp->stype) 297 | { 298 | case SEARCH_TYPE_BYTES: 299 | case SEARCH_TYPE_FLOAT: 300 | case SEARCH_TYPE_INTEGER: 301 | data = malloc (mp->mask_len); 302 | break; 303 | 304 | case SEARCH_TYPE_STRING: 305 | data = malloc (mp->mask_len + 1); 306 | ((unsigned char *) data) [mp->mask_len] = '\0'; 307 | break; 308 | } 309 | 310 | memcpy (data, &mc->buffer[(int) offset], mp->mask_len); 311 | b = memblock_new (data, mc->addr + offset, mp->mask_len, mc->type); 312 | bb_queue_add (q, b); 313 | } 314 | } 315 | 316 | return q; 317 | } 318 | 319 | MemBlock * 320 | memblock_new (void *data, DWORD addr, int size, MemType type) 321 | { 322 | MemBlock *r; 323 | 324 | if ((r = malloc (sizeof (MemBlock)) ) == NULL) 325 | return NULL; 326 | 327 | r->data = data; 328 | r->addr = addr; 329 | r->size = size; 330 | r->type = type; 331 | 332 | return r; 333 | } 334 | 335 | void 336 | memblock_debug (MemBlock *mb) 337 | { 338 | printf("addr = %x - size = %x", (int) mb->addr, mb->size); 339 | } 340 | 341 | void 342 | memproc_set_absolute_addr (MemProc *mp, DWORD *addr) 343 | { 344 | (*addr) = (*addr) + mp->base_addr; 345 | }; 346 | 347 | inline void 348 | memblock_read_from_memory (MemProc *mp, MemBlock *mem) 349 | { 350 | read_from_memory (mp->proc, mem->data, mem->addr, mem->size); 351 | } 352 | 353 | void 354 | memproc_free (MemProc *memproc) 355 | { 356 | if (memproc != NULL) 357 | { 358 | memproc_clear (memproc); 359 | free (memproc); 360 | } 361 | } 362 | 363 | void 364 | memproc_clear (MemProc *memproc) 365 | { 366 | if (memproc != NULL) 367 | { 368 | bb_queue_free_all (memproc->memchunks, memchunk_free); 369 | } 370 | } 371 | 372 | void 373 | memblock_free (MemBlock *m) 374 | { 375 | if (m != NULL) 376 | { 377 | free (m); 378 | } 379 | } 380 | --------------------------------------------------------------------------------