add new function call scanning/patching feature + multiple signature patching
This commit is contained in:
parent
de2b36c569
commit
1ce327b24c
@ -246,6 +246,7 @@ class ExtensionConfig(object):
|
||||
cxx.linkflags += ['-static-libgcc']
|
||||
elif cxx.vendor == 'clang':
|
||||
cxx.linkflags += ['-lgcc_eh']
|
||||
cxx.linkflags += ['-static-libstdc++']
|
||||
|
||||
def configure_mac(self, cxx):
|
||||
cxx.defines += ['OSX', '_OSX', 'POSIX']
|
||||
|
188
extension.cpp
188
extension.cpp
@ -125,15 +125,26 @@ public:
|
||||
|
||||
static struct SrcdsPatch
|
||||
{
|
||||
const char *pSignature;
|
||||
const unsigned char *pPatchSignature;
|
||||
const char *pPatchPattern;
|
||||
const unsigned char *pPatch;
|
||||
const char *pSignature; // function symbol
|
||||
const unsigned char *pPatchSignature; // original opcode signature | function symbol for functionCall = true
|
||||
const char *pPatchPattern; // pattern = x/?, ? = ignore signature
|
||||
const unsigned char *pPatch; // replace with bytes
|
||||
const char *pLibrary; // library of function symbol pSignature
|
||||
|
||||
unsigned char *pOriginal;
|
||||
uintptr_t pAddress;
|
||||
uintptr_t pPatchAddress;
|
||||
bool engine;
|
||||
int range = 0x400; // search range: scan up to this many bytes for the signature
|
||||
int occurrences = 1; // maximum(!) number of occurences to patch
|
||||
bool functionCall = false; // true = FindFunctionCall (pPatchSignature = function symbol) | false = FindPattern
|
||||
const char *pFunctionLibrary = ""; // library of function symbol pPatchSignature for functionCall = true
|
||||
|
||||
struct Restore
|
||||
{
|
||||
unsigned char *pOriginal = NULL;
|
||||
uintptr_t pPatchAddress = 0;
|
||||
struct Restore *pNext = NULL;
|
||||
} *pRestore = NULL;
|
||||
|
||||
uintptr_t pAddress = 0;
|
||||
uintptr_t pSignatureAddress = 0;
|
||||
} gs_Patches[] = {
|
||||
// 0: game_ui should not apply FL_ONTRAIN flag, else client prediction turns off
|
||||
{
|
||||
@ -141,7 +152,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\xC7\x44\x24\x04\x10\x00\x00\x00\x89\x34\x24\xE8\x00\x00\x00\x00",
|
||||
"xxxxxxxxxxxx????",
|
||||
(unsigned char *)"\xC7\x44\x24\x04\x10\x00\x00\x00\x89\x34\x24\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 1: player_speedmod should not turn off flashlight
|
||||
{
|
||||
@ -149,7 +160,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\xFF\x90\x8C\x05\x00\x00\x85\xC0\x0F\x85\x85\x02\x00\x00",
|
||||
"xxxxxxxxxxxxxx",
|
||||
(unsigned char *)"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 2: only select CT spawnpoints
|
||||
{
|
||||
@ -157,7 +168,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\x89\x1C\x24\xE8\x00\x00\x00\x00\x83\xF8\x03\x74\x6B",
|
||||
"xxxx????xxxxx",
|
||||
(unsigned char *)"\x89\x1C\x24\x90\x90\x90\x90\x90\x90\x90\x90\xEB\x6B",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 3: don't check if we have T spawns
|
||||
{
|
||||
@ -165,7 +176,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\x74\x0E\x8B\x83\x80\x02\x00\x00\x85\xC0\x0F\x85\x9E\x00\x00\x00\xC7\x04\x24\xAC\xF7\x87\x00\xE8\xC2\x82\x91\x00",
|
||||
"xxxxxxxxxxxxxxxx????????????",
|
||||
(unsigned char *)"\x0F\x85\xA8\x00\x00\x00\x8B\x83\x80\x02\x00\x00\x85\xC0\x0F\x85\x9A\x00\x00\x00\x90\x90\x90\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 5: disable alive check in point_viewcontrol->Disable
|
||||
{
|
||||
@ -173,7 +184,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\x8B\x10\x89\x04\x24\xFF\x92\x08\x01\x00\x00\x84\xC0\x0F\x84\x58\xFF\xFF\xFF",
|
||||
"xxxxxxx??xxxxxx?xxx",
|
||||
(unsigned char *)"\x8B\x10\x89\x04\x24\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 6: disable player->m_takedamage = DAMAGE_NO in point_viewcontrol->Enable
|
||||
{
|
||||
@ -181,7 +192,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\x31\xF6\x80\xBE\xFD\x00\x00\x00\x00\x0F\x85\x8D\x03\x00\x00",
|
||||
"xxxx?xxxxxx??xx",
|
||||
(unsigned char *)"\x31\xF6\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 7: disable player->m_takedamage = m_nOldTakeDamage in point_viewcontrol->Disable
|
||||
{
|
||||
@ -189,7 +200,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\x89\xF9\x38\x8E\xFD\x00\x00\x00\x0F\x84\xCA\xFD\xFF\xFF",
|
||||
"xxxx?xxxxxxxxx",
|
||||
(unsigned char *)"\x89\xF9\x38\x8E\xFD\x00\x00\x00\x90\xE9\xCA\xFD\xFF\xFF",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
// 8: userinfo stringtable don't write fakeclient field
|
||||
{
|
||||
@ -197,7 +208,7 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\xFF\x50\x70\x88\x46\x6C",
|
||||
"xxxxxx",
|
||||
(unsigned char *)"\x90\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, true
|
||||
"bin/engine_srv.so"
|
||||
},
|
||||
// 9: dont reset cash to 16000 when buying an item
|
||||
{
|
||||
@ -205,24 +216,28 @@ static struct SrcdsPatch
|
||||
(unsigned char *)"\x3D\x80\x3E\x00\x00\x0F\x8F\xE8\x00\x00\x00",
|
||||
"xxxxxxxxxxx",
|
||||
(unsigned char *)"\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, false
|
||||
"cstrike/bin/server_srv.so"
|
||||
},
|
||||
/*// 10: fix server lagging resulting from too many ConMsgs due to packet spam ("%s:corrupted packet %i at %i\n")
|
||||
// 10: fix server lagging resulting from too many ConMsgs due to packet spam
|
||||
{
|
||||
"_ZN8CNetChan19ProcessPacketHeaderEP11netpacket_s",
|
||||
(unsigned char *)"\x89\x44\x24\x04\x89\x5C\x24\x0C\x89\x54\x24\x08\xE8\xE0\xAB\x22\x00",
|
||||
"xxxxxxxxxxxxx????",
|
||||
(unsigned char *)"\x89\x44\x24\x04\x89\x5C\x24\x0C\x89\x54\x24\x08\x90\x90\x90\x90\x90",
|
||||
0, 0, 0, true
|
||||
(unsigned char *)"_Z6ConMsgPKcz",
|
||||
"xxxxx",
|
||||
(unsigned char *)"\x90\x90\x90\x90\x90",
|
||||
"bin/engine_srv.so",
|
||||
0x7d1, 100,
|
||||
true, "bin/libtier0_srv.so"
|
||||
},
|
||||
// 11: fix server lagging resulting from too many ConMsgs due to packet spam ("Invalid split packet length %i\n")
|
||||
// 11: fix server lagging resulting from too many ConMsgs due to packet spam
|
||||
{
|
||||
"_Z11NET_GetLongiP11netpacket_s",
|
||||
(unsigned char *)"\x83\x8B\x43\x34\xC7\x04\x24\xEC\x7E\x24\x00\x89\x44\x24\x04\xE8\x32\x31\x22\x00\xE9\x6B\xFF\xFF\xFF\x90\x8D",
|
||||
"xxxx???????x????xxxxxxxxxxx",
|
||||
(unsigned char *)"\x83\x8B\x43\x34\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x32\x31\x22\x00\xE9\x6B\xFF\xFF\xFF\x90\x8D",
|
||||
0, 0, 0, true
|
||||
}*/
|
||||
(unsigned char *)"Msg",
|
||||
"xxxxx",
|
||||
(unsigned char *)"\x90\x90\x90\x90\x90",
|
||||
"bin/engine_srv.so",
|
||||
0x800, 100,
|
||||
true, "bin/libtier0_srv.so"
|
||||
},
|
||||
};
|
||||
|
||||
class CBaseEntity;
|
||||
@ -707,62 +722,91 @@ bool CSSFixes::SDK_OnLoad(char *error, size_t maxlength, bool late)
|
||||
g_SH_SkipTwoEntitiesShouldHitEntity = SH_ADD_DVPHOOK(CTraceFilterSkipTwoEntities, ShouldHitEntity, g_CTraceFilterSkipTwoEntities, SH_STATIC(ShouldHitEntity), true);
|
||||
g_SH_SimpleShouldHitEntity = SH_ADD_DVPHOOK(CTraceFilterSimple, ShouldHitEntity, g_CTraceFilterSimple, SH_STATIC(ShouldHitEntity), true);
|
||||
|
||||
void *pServerSo = dlopen("cstrike/bin/server_srv.so", RTLD_NOW);
|
||||
if(!pServerSo)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not dlopen server_srv.so");
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
|
||||
void *pEngineSo = dlopen("bin/engine_srv.so", RTLD_NOW);
|
||||
if(!pEngineSo)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not dlopen engine_srv.so");
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
|
||||
// Apply all patches
|
||||
for(size_t i = 0; i < sizeof(gs_Patches) / sizeof(*gs_Patches); i++)
|
||||
{
|
||||
struct SrcdsPatch *pPatch = &gs_Patches[i];
|
||||
int PatchLen = strlen(pPatch->pPatchPattern);
|
||||
|
||||
void *pBinary = pPatch->engine ? pEngineSo : pServerSo;
|
||||
void *pBinary = dlopen(pPatch->pLibrary, RTLD_NOW);
|
||||
if(!pBinary)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not dlopen %s", pPatch->pLibrary);
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
|
||||
pPatch->pAddress = (uintptr_t)memutils->ResolveSymbol(pBinary, pPatch->pSignature);
|
||||
dlclose(pBinary);
|
||||
if(!pPatch->pAddress)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not find symbol: %s", pPatch->pSignature);
|
||||
dlclose(pServerSo);
|
||||
dlclose(pEngineSo);
|
||||
snprintf(error, maxlength, "Could not find symbol: %s in %s (%p)",
|
||||
pPatch->pSignature, pPatch->pLibrary, pBinary);
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
|
||||
pPatch->pPatchAddress = FindPattern(pPatch->pAddress, pPatch->pPatchSignature, pPatch->pPatchPattern, 4096);
|
||||
if(!pPatch->pPatchAddress)
|
||||
SrcdsPatch::Restore **ppRestore = &pPatch->pRestore;
|
||||
|
||||
if(pPatch->functionCall)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not find patch signature for symbol: %s", pPatch->pSignature);
|
||||
dlclose(pServerSo);
|
||||
dlclose(pEngineSo);
|
||||
void *pFunctionBinary = dlopen(pPatch->pFunctionLibrary, RTLD_NOW);
|
||||
if(!pFunctionBinary)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not dlopen %s", pPatch->pFunctionLibrary);
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
|
||||
pPatch->pOriginal = (unsigned char *)malloc(PatchLen * sizeof(unsigned char));
|
||||
pPatch->pSignatureAddress = (uintptr_t)memutils->ResolveSymbol(pFunctionBinary, (char *)pPatch->pPatchSignature);
|
||||
dlclose(pFunctionBinary);
|
||||
if(!pPatch->pSignatureAddress)
|
||||
{
|
||||
snprintf(error, maxlength, "Could not find patch signature symbol: %s in %s (%p)",
|
||||
(char *)pPatch->pPatchSignature, pPatch->pFunctionLibrary, pFunctionBinary);
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
SourceHook::SetMemAccess((void *)pPatch->pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_WRITE|SH_MEM_EXEC);
|
||||
uintptr_t ofs = 0;
|
||||
int found;
|
||||
for(found = 0; found < pPatch->occurrences; found++)
|
||||
{
|
||||
uintptr_t pPatchAddress;
|
||||
if(pPatch->functionCall)
|
||||
pPatchAddress = FindFunctionCall(pPatch->pAddress + ofs, pPatch->pSignatureAddress, pPatch->range - ofs);
|
||||
else
|
||||
pPatchAddress = FindPattern(pPatch->pAddress + ofs, pPatch->pPatchSignature, pPatch->pPatchPattern, pPatch->range - ofs);
|
||||
|
||||
if(!pPatchAddress)
|
||||
{
|
||||
if(found)
|
||||
break;
|
||||
|
||||
snprintf(error, maxlength, "Could not find patch signature for symbol: %s", pPatch->pSignature);
|
||||
SDK_OnUnload();
|
||||
return false;
|
||||
}
|
||||
ofs = pPatchAddress - pPatch->pAddress + PatchLen;
|
||||
|
||||
// Create restore object
|
||||
*ppRestore = (SrcdsPatch::Restore *)new SrcdsPatch::Restore();
|
||||
SrcdsPatch::Restore *pRestore = *ppRestore;
|
||||
pRestore->pPatchAddress = pPatchAddress;
|
||||
pRestore->pOriginal = (unsigned char *)malloc(PatchLen * sizeof(unsigned char));
|
||||
|
||||
SourceHook::SetMemAccess((void *)pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_WRITE|SH_MEM_EXEC);
|
||||
for(int j = 0; j < PatchLen; j++)
|
||||
{
|
||||
pPatch->pOriginal[j] = *(unsigned char *)(pPatch->pPatchAddress + j);
|
||||
*(unsigned char *)(pPatch->pPatchAddress + j) = pPatch->pPatch[j];
|
||||
}
|
||||
SourceHook::SetMemAccess((void *)pPatch->pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_EXEC);
|
||||
pRestore->pOriginal[j] = *(unsigned char *)(pPatchAddress + j);
|
||||
*(unsigned char *)(pPatchAddress + j) = pPatch->pPatch[j];
|
||||
}
|
||||
SourceHook::SetMemAccess((void *)pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_EXEC);
|
||||
|
||||
dlclose(pServerSo);
|
||||
dlclose(pEngineSo);
|
||||
ppRestore = &((*ppRestore)->pNext);
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
@ -849,18 +893,26 @@ void CSSFixes::SDK_OnUnload()
|
||||
struct SrcdsPatch *pPatch = &gs_Patches[i];
|
||||
int PatchLen = strlen(pPatch->pPatchPattern);
|
||||
|
||||
if(!pPatch->pOriginal)
|
||||
continue;
|
||||
SrcdsPatch::Restore *pRestore = pPatch->pRestore;
|
||||
while(pRestore)
|
||||
{
|
||||
if(!pRestore->pOriginal)
|
||||
break;
|
||||
|
||||
SourceHook::SetMemAccess((void *)pPatch->pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_WRITE|SH_MEM_EXEC);
|
||||
SourceHook::SetMemAccess((void *)pRestore->pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_WRITE|SH_MEM_EXEC);
|
||||
for(int j = 0; j < PatchLen; j++)
|
||||
{
|
||||
*(unsigned char *)(pPatch->pPatchAddress + j) = pPatch->pOriginal[j];
|
||||
*(unsigned char *)(pRestore->pPatchAddress + j) = pRestore->pOriginal[j];
|
||||
}
|
||||
SourceHook::SetMemAccess((void *)pPatch->pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_EXEC);
|
||||
SourceHook::SetMemAccess((void *)pRestore->pPatchAddress, PatchLen, SH_MEM_READ|SH_MEM_EXEC);
|
||||
|
||||
free(pPatch->pOriginal);
|
||||
pPatch->pOriginal = NULL;
|
||||
free(pRestore->pOriginal);
|
||||
pRestore->pOriginal = NULL;
|
||||
|
||||
void *freeMe = pRestore;
|
||||
pRestore = pRestore->pNext;
|
||||
free(freeMe);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
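Review bot: Each `Restore` node is created with `new SrcdsPatch::Restore()` in the SDK_OnLoad occurrence loop but released with `free(freeMe)` in the SDK_OnUnload hunk, a mismatched allocator pair and undefined behaviour; the unload loop should read `SrcdsPatch::Restore *freeMe = pRestore; pRestore = pRestore->pNext; delete freeMe;` (or the node should be allocated with `malloc` to match), and `pPatch->pRestore = NULL;` belongs after the `while` so the list head does not dangle when SDK_OnUnload is invoked from the failure paths inside SDK_OnLoad. In the occurrence loop `ofs` is a `uintptr_t` while `pPatch->range` is an `int`, so once a match plus `PatchLen` pushes `ofs` past `range` the length argument `pPatch->range - ofs` wraps to a very large unsigned value; depending on how FindPattern/FindFunctionCall take their length (their signatures are not in these hunks) that either ends the scan silently or keeps reading well past the intended window, so add `if(ofs >= (uintptr_t)pPatch->range) break;` right after `ofs` is updated. Both SDK_OnLoad and SDK_OnUnload begin outside the hunks shown.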
@ -40,7 +40,7 @@
|
||||
/* Basic information exposed publicly */
|
||||
#define SMEXT_CONF_NAME "CSSFixes"
|
||||
#define SMEXT_CONF_DESCRIPTION "Patches bugs in the CSS server binary and more..."
|
||||
#define SMEXT_CONF_VERSION "1.17"
|
||||
#define SMEXT_CONF_VERSION "1.18"
|
||||
#define SMEXT_CONF_AUTHOR "BotoX"
|
||||
#define SMEXT_CONF_URL ""
|
||||
#define SMEXT_CONF_LOGTAG "CSSFIXES"
|
||||
|