📄 memscan.pas.svn-base
字号:
begin
scanwriter.writeresults(CurrentAddressBuffer,currentfoundbuffer,4*found,found*variablesize);
tempaddress:=CurrentAddressBuffer;
tempfound:=CurrentFoundBuffer;
CurrentAddressBuffer:=SecondaryAddressBuffer;
CurrentFoundBuffer:=SecondaryFoundBuffer;
SecondaryAddressBuffer:=tempaddress;
SecondaryFoundBuffer:=tempfound;
inc(totalfound,found);
found:=0;
end;
procedure TScanner.stringFlush;
begin
AddressFile.WriteBuffer(CurrentAddressBuffer^,4*found);
inc(totalfound,found);
found:=0;
end;
procedure TScanner.binaryFlush;
begin
AddressFile.WriteBuffer(CurrentAddressBuffer^,sizeof(TBitAddress)*found);
inc(totalfound,found);
found:=0;
end;
procedure TScanner.allFlush;
var tempaddress,tempfound: pointer;
begin
scanwriter.writeresults(CurrentAddressBuffer,currentfoundbuffer,sizeof(tbitaddress)*found,found*8);
tempaddress:=CurrentAddressBuffer;
tempfound:=CurrentFoundBuffer;
CurrentAddressBuffer:=SecondaryAddressBuffer;
CurrentFoundBuffer:=SecondaryFoundBuffer;
SecondaryAddressBuffer:=tempaddress;
SecondaryFoundBuffer:=tempfound;
inc(totalfound,found);
found:=0;
end;
//==================Tscanfilewriter=================//
procedure Tscanfilewriter.execute;
begin
repeat
dataavailable.WaitFor(infinite);
try
if terminated then exit;
scancontroller.resultsaveCS.Enter;
try
//note: Compressing before writing using TCompressStream=failure
//on fast compression speed it still took longer to compess and write
//than to only write the uncompressed buffer (no compress=2.8 secs,
//compressed=7.1 sec)
// cAddressFile.WriteBuffer(addressbuffer^,addressSize);
// cMemoryFile.WriteBuffer(memorybuffer^,memorySize);
AddressFile.WriteBuffer(addressbuffer^,addressSize);
MemoryFile.WriteBuffer(memorybuffer^,memorySize);
finally
scancontroller.resultsaveCS.Leave;
end;
finally
datawritten.SetEvent; //tell the others that you're ready to write again
end;
until terminated;
end;
procedure Tscanfilewriter.writeresults(addressbuffer,memorybuffer: pointer; addressSize,memorySize: dword);
{
check if the thread is currently saving
If yes, wait, if not, start the thread, give it the buffer, and continue
}
begin
datawritten.WaitFor(infinite); //only gets set when the thread is done writing
//got past the wait, so it's done writing, so it has no need for the current variables
self.addressbuffer:=addressbuffer;
self.memorybuffer:=memorybuffer;
self.addressSize:=addressSize;
self.memorySize:=memorySize;
dataavailable.SetEvent; //tell the thread to start saving
//and return to the scanner, who should now swap scanbuffers
end;
procedure Tscanfilewriter.flush;
begin
datawritten.WaitFor(infinite);
datawritten.SetEvent;
end;
destructor Tscanfilewriter.destroy;
begin
if not terminated then
begin
terminate;
dataavailable.SetEvent;
waitfor;
end;
if datawritten<>nil then datawritten.Free;
if dataavailable<>nil then dataavailable.Free;
{
if cAddressFile<>nil then cAddressFile.free;
if cMemoryFile<>nil then cMemoryFile.free;
}
inherited destroy;
end;
constructor Tscanfilewriter.create(scancontroller:TScanController; addressfile,memoryfile:TFileStream);
begin
self.scancontroller:=scancontroller;
self.addressfile:=addressfile;
self.memoryfile:=memoryfile;
//create the events
datawritten:=tevent.Create(nil,false,true,'');
dataavailable:=tevent.create(nil,false,false,'');
{
cAddressFile:=TCompressionStream.Create(clNone,AddressFile);
cMemoryFile:=TCompressionStream.Create(clNone,MemoryFile);
}
inherited create(false); //start it
end;
//=============TScanner===========//
procedure TScanner.FirstScanmem(base:dword; buffer: pointer; size: integer);
{
Scan the given buffer
Excludes the previousvalue buffer
}
var stepsize: integer;
lastmem: dword;
p: pbyte;
i: TVariableType;
_fastscan: boolean;
dividableby2: boolean;
dividableby4: boolean;
begin
_fastscan:=fastscan;
if _fastscan then
stepsize:=fastscanalignsize
else
stepsize:=1;
p:=buffer;
lastmem:=dword(p)+(size-variablesize); //optimizes compile to use reg if possible
if variableType=vtAll then
begin
//reset typesmatch array for each check
while dword(p)<=lastmem do
begin
if _fastscan then
begin
dividableby2:=dword(p) mod 2=0;
dividableby4:=dword(p) mod 4=0;
typesmatch[vtByte]:=true;
typesmatch[vtWord]:=dividableby2;
typesmatch[vtDWord]:=dividableby4;
typesmatch[vtQWord]:=dividableby4;
typesmatch[vtSingle]:=dividableby4;
typesmatch[vtDouble]:=dividableby4;
end
else
for i:=vtByte to vtDouble do typesmatch[i]:=true;
if checkroutine(p,nil) then //found one
StoreResultRoutine(base+dword(p)-dword(buffer),p);
inc(p,stepsize);
end;
end
else
begin
while dword(p)<=lastmem do
begin
if checkroutine(p,nil) then //found one
StoreResultRoutine(base+dword(p)-dword(buffer),p);
inc(p,stepsize);
end;
end;
end;
procedure TScanner.FirstNextScanmem(base:dword; buffer,oldbuffer: pointer; size: integer);
{
Scan the given buffer
}
var stepsize: integer;
lastmem: dword;
p,oldp: pbyte;
valuetype: TValueType;
_fastscan: boolean;
dividableby2: boolean;
dividableby4: boolean;
i: TVariableType;
begin
_fastscan:=fastscan;
if _fastscan then
stepsize:=fastscanalignsize
else
stepsize:=1;
p:=buffer;
oldp:=oldbuffer;
lastmem:=dword(p)+(size-variablesize); //optimizes compile to use reg if possible
if scanOption=soSameAsFirst then //stupid, but ok...
begin
case self.variableType of
vtByte: valuetype:=vt_byte;
vtWord: valuetype:=vt_word;
vtDWord: valuetype:=vt_dword;
vtdouble: valuetype:=vt_double;
vtQword: valuetype:=vt_int64;
vtAll: valuetype:=vt_all;
end;
if valuetype=vt_all then
begin
while dword(p)<=lastmem do
begin
if _fastscan then
begin
dividableby2:=dword(p) mod 2=0;
dividableby4:=dword(p) mod 4=0;
typesmatch[vtByte]:=true;
typesmatch[vtWord]:=dividableby2;
typesmatch[vtDWord]:=dividableby4;
typesmatch[vtQWord]:=dividableby4;
typesmatch[vtSingle]:=dividableby4;
typesmatch[vtDouble]:=dividableby4;
end
else
for i:=vtByte to vtDouble do typesmatch[i]:=true;
if checkroutine(p,firstscanhandler.getpointertoaddress(base+dword(p)-dword(buffer),valuetype )) then //found one
StoreResultRoutine(base+dword(p)-dword(buffer),p);
inc(p, stepsize);
end;
end
else
begin
while dword(p)<=lastmem do
begin
if checkroutine(p,firstscanhandler.getpointertoaddress(base+dword(p)-dword(buffer),valuetype )) then //found one
StoreResultRoutine(base+dword(p)-dword(buffer),p);
inc(p, stepsize);
end;
end;
end
else
begin
if variableType=vtall then
begin
while dword(p)<=lastmem do
begin
if _fastscan then
begin
dividableby2:=dword(p) mod 2=0;
dividableby4:=dword(p) mod 4=0;
typesmatch[vtByte]:=true;
typesmatch[vtWord]:=dividableby2;
typesmatch[vtDWord]:=dividableby4;
typesmatch[vtQWord]:=dividableby4;
typesmatch[vtSingle]:=dividableby4;
typesmatch[vtDouble]:=dividableby4;
end
else
for i:=vtByte to vtDouble do typesmatch[i]:=true;
if checkroutine(p,oldp) then //found one
StoreResultRoutine(base+dword(p)-dword(buffer),p);
inc(p, stepsize);
inc(oldp, stepsize);
end;
end
else
begin
while dword(p)<=lastmem do
begin
if checkroutine(p,oldp) then //found one
StoreResultRoutine(base+dword(p)-dword(buffer),p);
inc(p, stepsize);
inc(oldp, stepsize);
end;
end;
end;
end;
procedure TScanner.nextnextscanmemAll(addresslist: pointer; oldmemory: pointer; chunksize: integer);
var stepsize: dword;
i,j,k: dword;
l: TVariableType;
maxindex: dword;
vsize: dword;
currentbase: dword;
newmemory: array [0..4095] of byte;
oldmem: pbytearray;
alist: pbitaddressarray;
actualread: dword;
so: Tscanoption;
valuetype: TValuetype;
currentaddress: dword;
begin
i:=0;
so:=scanoption;
maxindex:=chunksize;
vsize:=variablesize; //=8
oldmem:=oldmemory;
alist:=addresslist;
valuetype:=vt_all;
while i<maxindex do
begin
j:=i+1;
currentbase:=alist[i].address and $FFFFF000;
while j<=maxindex do
begin
if (currentbase)=((alist[j].address+vsize-1) and $fffff000) then //same page
inc(j)
else
begin
dec(j); //now points to the last valid one, or the first one
break;
end;
end;
currentbase:=alist[i].address;
if readprocessmemory(processhandle,pointer(currentbase),@newmemory[0],(alist[j].address-currentbase)+vsize,actualread) then
begin
if so=soSameAsFirst then
begin
//clear typesmatch and set current address
for l:=vtByte to vtDouble do
typesmatch[l]:=false;
currentaddress:=currentbase;
for k:=i to j do
begin
if alist[k].address=currentaddress then
begin
typesmatch[tvariabletype(alist[k].bit)]:=true;
end
else
begin
if checkroutine(@newmemory[currentaddress-currentbase],firstscanhandler.getpointertoaddress(currentaddress,valuetype )) then
StoreResultRoutine(currentaddress,@newmemory[currentaddress-currentbase]);
//clear typesmatch and set current address
for l:=vtByte to vtDouble do
typesmatch[l]:=false;
currentaddress:=alist[k].address;
typesmatch[tvariabletype(alist[k].bit)]:=true;
end;
end;
if checkroutine(@newmemory[currentaddress-currentbase],firstscanhandler.getpointertoaddress(currentaddress,valuetype )) then
StoreResultRoutine(currentaddress,@newmemory[currentaddress-currentbase]);
end
else
begin
//clear typesmatch and set current address
for l:=vtByte to vtDouble do
typesmatch[l]:=false;
currentaddress:=currentbase;
for k:=i to j do
begin
if alist[k].address=currentaddress then
begin
//add this one to the list
typesmatch[tvariabletype(alist[k].bit)]:=true;
continue;
end
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -