Closed maoxian123 closed 1 year ago
if (size < 4)
{
VMMDLL_Scatter_Prepare(g_hS, addr, 4);
}
else
{
VMMDLL_Scatter_Prepare(g_hS, addr, size);
}
byte data_temp[4];
VMMDLL_Scatter_ExecuteRead(g_hS);
if (size < 4)
{
VMMDLL_Scatter_Read(g_hS, addr, 4, data_temp, NULL);
memcpy(out_data, data_temp, size);
}
else
{
VMMDLL_Scatter_Read(g_hS, addr, size, (PBYTE)out_data, NULL);
}
I have test for this code,it works. If VMMDLL_Scatter_Prepare for size < 4 and VMMDLL_Scatter_Read for size <4,it failed. If VMMDLL_Scatter_Prepare for size 4 and VMMDLL_Scatter_Read for size <4,it failed.
Only VMMDLL_Scatter_Prepare for size 4 and VMMDLL_Scatter_Read for size 4,then you memcpy the temp read data to out_data,you can successed.
So i think is the VMMDLL_Scatter_Read have something wrong,
are you using the most recent version. i.e. the all dll files from the MemProcFS_files_and_binaries_v5.8.4-win_x64-20230921.zip download? (both leechcore.dll and vmm.dll).
I fixed some bugs a week ago or so. Just making sure you're on the most recent version before I look into this.
are you using the most recent version. i.e. the all dll files from the MemProcFS_files_and_binaries_v5.8.4-win_x64-20230921.zip download? (both leechcore.dll and vmm.dll).
I fixed some bugs a week ago or so. Just making sure you're on the most recent version before I look into this.
yes,it's the latest. And the trouble real exist in the latest version(5.8.4 5.8.3).
I found a small bug when doing tiny reads. I'm not completely sure it's your issue, but please try the new version and let me know if it resolves your issue.
@ufrisk Would this possibly affect the older VMMDLL_MemReadScatter function as well? I just downloaded 5.8.4 but wondering if i should grab this since I use scatter reads quite frequently 😁 Although I think I read at least 4 bytes in every read, so may not matter.
@ufrisk Would this possibly affect the older VMMDLL_MemReadScatter function as well? I just downloaded 5.8.4 but wondering if i should grab this since I use scatter reads quite frequently 😁 Although I think I read at least 4 bytes in every read, so may not matter.
I have tested,VMMDLL_MemReadScatter is work well in all small size.
@imerzan this bug exists in all prior versions. It however only affects 1, 2 or 3-byte reads at certain alignments. If you do 4-byte reads at a minimum you should be fine.
@maoxian123 thank you for reporting this bug and confirming it has been resolved.
VMMDLL_Scatter_PrepareEx(g_hS, addr, size, (PBYTE)out_data, &read_count);
When the size = 2,read_count=0,the value is null; and when the size =4,read_count=4,and get the value success. i.e: addr=1ffcb8262f4 size=2