Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enabled support of export index as argument in get_proc_address opcode #124

Merged
merged 2 commits into from
Apr 13, 2024
Merged

Enabled support of export index as argument in get_proc_address opcode #124

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d15c006
Enabled support of export index as argument of get_proc_address opcode
MiranDMC Apr 13, 2024
0fbb3c0
Added test to 0AA4
MiranDMC Apr 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 15 additions & 4 deletions cleo_plugins/MemoryOperations/MemoryOperations.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -396,12 +396,23 @@ class MemoryOperations
//0AA4=3, get_proc_address %1d% library %2d% result %3d% // IF and SET
static OpcodeResult __stdcall opcode_0AA4(CLEO::CRunningScript* thread)
{
OPCODE_READ_PARAM_STRING(name);
auto ptr = (HMODULE)OPCODE_READ_PARAM_PTR();
void* funcPtr = nullptr;

// allow any pointer, not just from 0AA2
auto paramType = thread->PeekDataType();
if (IsImmInteger(paramType) || IsVariable(paramType))
{
auto procedure = OPCODE_READ_PARAM_UINT(); // text pointer or export index - see GetProcAddress docs
auto module = (HMODULE)OPCODE_READ_PARAM_PTR();

auto funcPtr = (void*)GetProcAddress(ptr, name);
funcPtr = (void*)GetProcAddress(module, (LPCSTR)procedure);
}
else
{
OPCODE_READ_PARAM_STRING(name);
auto module = (HMODULE)OPCODE_READ_PARAM_PTR();

funcPtr = (void*)GetProcAddress(module, name);
}

OPCODE_WRITE_PARAM_PTR(funcPtr);
OPCODE_CONDITION_RESULT(funcPtr != nullptr);
Expand Down
15 changes: 15 additions & 0 deletions tests/cleo_tests/MemoryOperations/0AA4.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ terminate_this_custom_script
function tests

it("should return address of Sleep function from kernel32.dll", test1)
it("should get export by index", test2)
return

function test1
Expand All @@ -24,4 +25,18 @@ function tests
assert(false)
end
end

function test2
int load_library_addr = read_memory 0x858070 4 false

int kernel_dll_addr = call_function_return {address} load_library_addr {numParams} 1 {pop} 0 {funcParams} "kernel32.dll" // tested opcode
if
// lib address can be any valid pointer, not necessarily one loaded with 0AA2 opcode
int sleep_addr = get_dynamic_library_procedure {procName} 1 {DynamicLibrary} kernel_dll_addr
then
assert(true)
else
assert(false)
end
end
end
Loading