
Commit 20c094d

committed
Small bugfixes: RIP-relative addresses were left unwildcarded when offsets were wildcarded; the parser made a mistake if the module name contained a dash; and the trailing byte in cmp statements was wildcarded if the opcode used an offset (the trailing byte is the value compared, not the offset).
1 parent 3d6a90e commit 20c094d


2 files changed

+16
-9
lines changed


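--- a/Tools/AOBGen/AOBGenerator.cs
+++ b/Tools/AOBGen/AOBGenerator.cs
@@ -50,13 +50,15 @@ private void HandleByteFragments(StringBuilder sb, string secondFragment, string
 {
 var byteFragments = secondFragment.Split(' ');
 
+bool offsetWildcarded = false;
+
 for(var i = 0; i < byteFragments.Length; i++)
 {
 var byteFragment = byteFragments[i];
 switch(byteFragment.Length)
 {
 case 2:
-if(alsoWildcardOffsets && i == byteFragments.Length - 1 && thirdFragment.Contains("+" + byteFragment))
+if(alsoWildcardOffsets && i == byteFragments.Length - 1 && thirdFragment.Contains("+" + byteFragment) && !offsetWildcarded)
 {
 sb.Append("?? ");
 }
@@ -72,8 +74,9 @@ private void HandleByteFragments(StringBuilder sb, string secondFragment, string
 case 8:
 // offset or RIP relative block
 // We convert the byteFragment to a hexadecimal number. If that number is present in third fragment, it's not a RIP relative address but an offset.
-if(CheckIfShouldBeWildcarded(byteFragment.ToLowerInvariant(), thirdFragment, alsoWildcardOffsets))
+if(CheckIfShouldBeWildcarded(byteFragment.ToLowerInvariant(), thirdFragment, alsoWildcardOffsets, out bool performedOffsetWildcard))
 {
+offsetWildcarded |= performedOffsetWildcard;
 sb.Append("?? ?? ?? ?? ");
 }
 else
@@ -111,12 +114,12 @@ private string HandleCheatEngine(string[] lines, bool alsoWildcardOffsets)
 continue;
 }
 
-var indexFirstHyphen = l.IndexOf('-');
+var indexFirstHyphen = l.IndexOf(" - ", StringComparison.InvariantCulture);
 if(indexFirstHyphen < 0)
 {
 continue;
 }
-var indexOfSecondHyphen = l.IndexOf('-', indexFirstHyphen + 1);
+var indexOfSecondHyphen = l.IndexOf(" - ", indexFirstHyphen + 1, StringComparison.InvariantCulture);
 if(indexOfSecondHyphen < 0)
 {
 continue;
@@ -162,20 +165,24 @@ private string HandleX64Dbg(string[] lines, bool alsoWildcardOffsets)
 /// <param name="byteFragment"></param>
 /// <param name="thirdFragment"></param>
 /// <param name="alsoWildcardOffsets"></param>
+/// <param name="performedOffsetWildcard"></param>
 /// <returns></returns>
-private bool CheckIfShouldBeWildcarded(string byteFragment, string thirdFragment, bool alsoWildcardOffsets)
+private bool CheckIfShouldBeWildcarded(string byteFragment, string thirdFragment, bool alsoWildcardOffsets, out bool performedOffsetWildcard)
 {
+performedOffsetWildcard = false;
 // convert the byte fragment to a hexadecimal number. then check if that number is present in thirdfragment.
 // aabbccdd becomes ddccbbaa
 var numberAsLittleEndian = new string(new char[] { byteFragment[6], byteFragment[7], byteFragment[4], byteFragment[5], byteFragment[2], byteFragment[3], byteFragment[0], byteFragment[1] });
 // strip off all 0's at the front, so convert it to an int and then back to a hex string
 uint bytes = uint.Parse(numberAsLittleEndian, NumberStyles.HexNumber);
 string bytesAsHex = bytes.ToString("X");
+var fragmentIsRIPRelativeAddress = !thirdFragment.Contains(bytesAsHex) && !thirdFragment.Contains(numberAsLittleEndian);
 if(alsoWildcardOffsets)
 {
-return thirdFragment.Contains(bytesAsHex) || thirdFragment.Contains(numberAsLittleEndian);
+performedOffsetWildcard = true;
+return fragmentIsRIPRelativeAddress || thirdFragment.Contains(bytesAsHex) || thirdFragment.Contains(numberAsLittleEndian);
 }
-return !thirdFragment.Contains(bytesAsHex) && !thirdFragment.Contains(numberAsLittleEndian);
+return fragmentIsRIPRelativeAddress;
 }
 
 }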
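Review bot: In CheckIfShouldBeWildcarded, the new `alsoWildcardOffsets` branch returns `fragmentIsRIPRelativeAddress || thirdFragment.Contains(bytesAsHex) || thirdFragment.Contains(numberAsLittleEndian)`, which reduces to `A || !A` and is therefore always true, and it sets `performedOffsetWildcard = true` even when the fragment was classified as a RIP-relative address rather than an offset. If the flag is meant to record that an offset was actually wildcarded, so that HandleByteFragments (only partly visible in this diff) keeps the trailing cmp immediate, `performedOffsetWildcard = !fragmentIsRIPRelativeAddress; return true;` states that directly; if setting it in both cases is intended, a plain `return true;` with a one-line comment would make that explicit. The added `<param name="performedOffsetWildcard">` tag is empty and should say when the flag is set. Separately, the two `IndexOf(" - ", …)` calls in HandleCheatEngine match a fixed delimiter, so `StringComparison.Ordinal` fits better than `InvariantCulture`.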

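--- a/Tools/AOBGen/Properties/AssemblyInfo.cs
+++ b/Tools/AOBGen/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.1.0.0")]
-[assembly: AssemblyFileVersion("1.1.0.0")]
+[assembly: AssemblyVersion("1.1.1.0")]
+[assembly: AssemblyFileVersion("1.1.1.0")]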
