Closed Nukoooo closed 3 months ago
This is good, I did something similar (but didn't cache from files) and it improves sigscans speed quite a bit.
I'm assuming this means then if you call a virtual function that has been hooked, you will find the newly trampolined address and that works as expected?
the newly trampolined address
I'm not sure what this means, if it means the address of a hooked function then yes, this PR addresses this issue.
Testing this on Linux, the TestPlugin SwitchTeam hook no longer works, because it doesn't appear to be able to find the module:
[01:09:54.385] CSSharp: Cannot find module /home/container/game/csgo/bin/linuxsteamrt64/libserver.so.
The file obviously very much exists, but doesn't appear to be loaded into the map
@Nukoooo Ready to merge?
I can't really think of anything to add/improve right now, so yeah please merge :)
Why
With the current implementation of
FindSignature
, we scan bytes in memory, which can get patched or modified during runtime, and if we try to scan bytes that are patched then it results in a failure. Here is the minimum code to reproduce:What's changed in this PR
engine2
andserver
libraries, they read bytes from disk instead of memory to prevent some functions gets hooked before loading the plugin frameworkCreateInterface
symbolCSSHARP_CORE_DEBUG