-
Notifications
You must be signed in to change notification settings - Fork 0
/
memoryapi.cpp
112 lines (94 loc) · 2.65 KB
/
memoryapi.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#include "memoryapi.h"
#include <limits>
#include <QDebug>
MemoryAPI::MemoryAPI(QString pathDump, QString pathIDX)
{
loadDump(pathDump);
loadIDX(pathIDX);
}
quint32 MemoryAPI::convertVirtToPhys(const quint32 virt) const
{
for(auto it = memoryRelations.begin(); it != memoryRelations.end(); ++it)
{
if((*it).inRange(virt))
{
const quint32& phBase = (*it).getPhysicalAddress(), vrBase = (*it).getVirtualAddress();
if(phBase>vrBase)
return virt + (phBase - vrBase);
else
return virt - (vrBase - phBase);
}
}
throw 1;
}
void MemoryAPI::loadIDX(QString path)
{
QFile file(path);
if(file.open(QIODevice::ReadOnly))
{
QTextStream stream(&file);
for(quint8 i = 0; i<2; ++i)
stream.readLine();
while(!stream.atEnd())
{
quint64 fileAddress, length, virtualAddress;
stream >> fileAddress >> length >> virtualAddress;
if(fileAddress > std::numeric_limits<quint32>::max() || virtualAddress > std::numeric_limits<quint32>::max())
continue;
memoryRelations.append(MemoryRange(virtualAddress, fileAddress, length));
}
}else
qDebug() << "IDX файл не открывается";
}
void MemoryAPI::loadDump(QString path)
{
dumpFile.setFileName(path);
dumpFile.open(QIODevice::ReadOnly);
}
QByteArray MemoryAPI::readVirtMem(const quint32 baseAddr, const quint32 size)
{
QByteArray result;
quint32 addr = convertVirtToPhys(baseAddr);
dumpFile.seek(addr);
result = dumpFile.read(size);
return result;
}
qint32 MemoryAPI::readInt(const quint32 offset)
{
qint32 a;
QDataStream ds(readVirtMem(offset, 4));
ds.setByteOrder(QDataStream::LittleEndian);
ds >> a;
return a;
}
quint32 MemoryAPI::readPtr(const quint32 offset)
{
quint32 a;
QDataStream ds(readVirtMem(offset, 4));
ds.setByteOrder(QDataStream::LittleEndian);
ds >> a;
return a;
}
QString MemoryAPI::readStringAscii(const quint32 offset, const quint32 size)
{
return QString(readVirtMem(offset, size));
}
float MemoryAPI::readFloat(const quint32 offset)
{
float a;
QDataStream ds(readVirtMem(offset, 4));
ds.setByteOrder(QDataStream::LittleEndian);
ds.setFloatingPointPrecision(QDataStream::SinglePrecision);
ds >> a;
return a;
}
QString MemoryAPI::readArmaString(quint32 offset)
{
const int maxStringLength = 0x40;
int absoluteLength = readPtr(offset + 0x4);
if (absoluteLength > maxStringLength)
{
return QString("");
}
return readStringAscii(offset + 8, absoluteLength);
}