aboutsummaryrefslogtreecommitdiff
path: root/NorthstarDLL/sigscanning.cpp
blob: 618645e0384bca0a9d998dfdcd4bf3fe0dee4522 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#include "pch.h"
#include "sigscanning.h"
#include <map>

// note: sigscanning is only really intended to be used for resolving stuff like shared function definitions
// we mostly use raw function addresses for stuff

size_t GetModuleLength(HMODULE moduleHandle)
{
	// based on sigscan code from ttf2sdk, which is in turn based on CSigScan from https://wiki.alliedmods.net/Signature_Scanning
	MEMORY_BASIC_INFORMATION mem;
	VirtualQuery(moduleHandle, &mem, sizeof(mem));

	IMAGE_DOS_HEADER* dos = (IMAGE_DOS_HEADER*)mem.AllocationBase;
	IMAGE_NT_HEADERS* pe = (IMAGE_NT_HEADERS*)((unsigned char*)dos + dos->e_lfanew);

	return pe->OptionalHeader.SizeOfImage;
}

void* FindSignature(std::string dllName, const char* sig, const char* mask)
{
	HMODULE module = GetModuleHandleA(dllName.c_str());

	unsigned char* dllAddress = (unsigned char*)module;
	unsigned char* dllEnd = dllAddress + GetModuleLength(module);

	size_t sigLength = strlen(mask);

	for (auto i = dllAddress; i < dllEnd - sigLength + 1; i++)
	{
		int j = 0;
		for (; j < sigLength; j++)
			if (mask[j] != '?' && sig[j] != i[j])
				break;

		if (j == sigLength) // loop finished of its own accord
			return i;
	}

	return nullptr;
}