Fixed allocation counter

dedmen · Oct 28, 2024 · 6d3ffb3 · 6d3ffb3
1 parent 264dfe7
commit 6d3ffb3
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 46 deletions.
diff --git a/src/FAllocHook.cpp b/src/FAllocHook.cpp
@@ -2,9 +2,12 @@
 #include <containers.hpp>
 #include "AdapterTracy.hpp"
 extern std::shared_ptr<ProfilerAdapter> GProfilerAdapter;
-#include <Tracy.hpp>
+#define TRACY_ENABLE
+#include <tracy/Tracy.hpp>
 using namespace std::string_view_literals;
 
+#include <intercept.hpp>
+
 FAllocHook::FAllocHook()
 {
 }
@@ -23,62 +26,29 @@ extern "C" {
 
     void afterAlloc() {
         auto tracyProf = std::reinterpret_pointer_cast<AdapterTracy>(GProfilerAdapter);
-        tracyProf->setCounter(allocalloctmp->_allocName, allocalloctmp->allocated_count);
+        tracyProf->setCounter(allocalloctmp->_allocName, (int64_t)allocalloctmp->allocated_count);
     }
 
     void afterFree() {
         auto tracyProf = std::reinterpret_pointer_cast<AdapterTracy>(GProfilerAdapter);
-        tracyProf->setCounter(freealloctmp->_allocName, freealloctmp->allocated_count);
+        tracyProf->setCounter(freealloctmp->_allocName, (int64_t)freealloctmp->allocated_count);
     }
 
 
     void engineAllocRedir();
     void engineFreeRedir();
 }
 
-
-HookManager::Pattern pat_allocReg{ // "Out of FastCAlloc slots"
-    "xxxxxxxxxxxxxxx?????x????xxx????xx????xxxxx????xxxxxxxxxxx????xxxxxxxxx????x????xxxxxxxxx"sv,
-    "\x40\x53\x48\x83\xEC\x30\x45\x33\xC9\x48\x8B\xD9\xC7\x44\x24\x00\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x48\x63\x15\x00\x00\x00\x00\x81\xFA\x00\x00\x00\x00\x7D\x1C\x48\x8D\x0D\x00\x00\x00\x00\x48\x8B\xC3\x48\x89\x1C\xD1\xFF\xC2\x89\x15\x00\x00\x00\x00\x48\x83\xC4\x30\x5B\xC3\x48\x8D\x0D\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x48\x8B\xC3\x48\x83\xC4\x30\x5B\xC3"sv
-};
-
-HookManager::Pattern pat_allocC{
-    "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx????xxxx????xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx????xxxxxxxxxxx"sv,
-    "\x40\x53\x48\x83\xEC\x20\xFF\x41\x60\x48\x8B\x41\x08\x48\x8B\xD9\x48\x3B\xC1\x74\x0B\x48\x85\xC0\x74\x06\x48\x83\xC0\xE0\x75\x2B\x48\x8D\x41\x18\x48\x8B\x49\x20\x48\x3B\xC8\x74\x0E\x48\x85\xC9\x74\x09\x48\x8D\x41\xE0\x48\x85\xC0\x75\x10\x48\x8B\xCB\xE8\x00\x00\x00\x00\x84\xC0\x0F\x84\x00\x00\x00\x00\x4C\x8B\x43\x08\x32\xC9\x45\x33\xD2\x4C\x3B\xC3\x74\x0B\x4D\x85\xC0\x74\x06\x49\x83\xC0\xE0\x75\x2A\x4C\x8B\x43\x20\x48\x8D\x43\x18\x4C\x3B\xC0\x0F\x84\x00\x00\x00\x00\x4D\x85\xC0\x74\x06\x49\x83\xC0\xE0\xEB\x03"sv
-};
-
-HookManager::Pattern pat_freeC{
-    "xxxxx????xxxxxxxxxxxxx?xxxxxxxxxxxxxxxxxxxxxxx????x????xxxxxx????xxxxxxx?xxxxxx????xxxxxxxxxx??xxxxxxxxxxx"sv,
-    "\x48\x85\xD2\x0F\x84\x00\x00\x00\x00\x53\x48\x83\xEC\x20\x48\x63\x41\x58\x48\x89\x7C\x24\x00\x48\x8B\xFA\x48\xFF\xC8\x48\x8B\xD9\x48\x23\xC2\x48\x2B\xF8\x83\x3F\x00\x74\x28\x48\x8D\x0D\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x44\x8B\x07\x48\x8D\x0D\x00\x00\x00\x00\x48\x8B\xD7\x48\x8B\x7C\x24\x00\x48\x83\xC4\x20\x5B\xE9\x00\x00\x00\x00\x48\x8B\x47\x18\x48\x89\x02\x48\x83\x7F\x00\x00\x48\x89\x57\x18\x0F\x94\xC0\x48\x89\x7A\x08"sv
-};
-
 void FAllocHook::init() {
 #ifndef __linux__
-    auto found = hooks.findPattern(pat_allocReg, 0x0);
-
-
-
-    auto aicp = *reinterpret_cast<uint32_t*>(found + 0x1C);
-    auto rip = found + 0x20;
-    auto aic = *reinterpret_cast<int32_t*>(rip + aicp);
-
-    //+1C 
-    //70 C4 4C 01
-    //014cc470
-    //0002932C90
-
-
-    auto aidp = *reinterpret_cast<uint32_t*>(found + 0x2B);
-    rip = found + 0x2F;
-    auto aid = reinterpret_cast<intercept::types::rv_pool_allocator**>(rip + aidp);
-    //71 C4 4C 01
-
+    auto poolAlloc = intercept::client::host::functions.get_engine_allocator()->poolFuncAlloc;
+    auto poolDealloc = intercept::client::host::functions.get_engine_allocator()->poolFuncDealloc;
 
-    auto allocF = hooks.findPattern(pat_allocC);
-    engineAlloc = hooks.placeHookTotalOffs(allocF, reinterpret_cast<uintptr_t>(engineAllocRedir))+2;
+    auto allocF = poolAlloc; // hooks.findPattern(pat_allocC);
+    engineAlloc = hooks.placeHookTotalOffs(allocF, reinterpret_cast<uintptr_t>(engineAllocRedir))+4;
 
-    auto FreeF = hooks.findPattern(pat_freeC);
-    engineFree = hooks.placeHookTotalOffs(FreeF + 0x9, reinterpret_cast<uintptr_t>(engineFreeRedir));
+    auto FreeF = poolDealloc; // We inject after the null check
+    engineFree = hooks.placeHookTotalOffs(FreeF + 0x9, reinterpret_cast<uintptr_t>(engineFreeRedir))+1;
     //
     //__debugbreak();
 #endif

diff --git a/src/hooks.asm b/src/hooks.asm
@@ -136,29 +136,36 @@ _TEXT    SEGMENT
 	doEngineAlloc PROC
 
 		;fixup
-		push    rbx
+		mov     [rsp+8], rbx
+		mov     [rsp+10h], rsi
+		push    rdi
 		sub     rsp, 20h
 		inc     dword ptr [rcx+60h]
-		mov     rax, [rcx+8]
-		mov     rbx, rcx
+
 		jmp		engineAlloc;
 
     doEngineAlloc ENDP
 
 	doEngineFree PROC
 
 		;fixup
+
 		push    rbx
 		sub     rsp, 20h
 		movsxd  rax, dword ptr [rcx+58h]
-		mov     [rsp+30h], rdi
+		mov     rbx, rcx
+		dec     rax
+
 		jmp		engineFree;
     doEngineFree ENDP
 
 
 	;##########
     PUBLIC engineAllocRedir
     engineAllocRedir PROC
+
+		sub rsp, 20h ; Stack saver, otherwise we corrupt smth
+
 		mov allocalloctmp, rcx; get rid of this and just keep rcx on stack
 		call doEngineAlloc;
 		push rax;
@@ -175,12 +182,17 @@ _TEXT    SEGMENT
 		pop rcx;
 		pop rax;
 
+		add rsp, 20h ; Undo the stack saver
+
 		ret
     engineAllocRedir ENDP
 
 	;##########
     PUBLIC engineFreeRedir
     engineFreeRedir PROC
+
+		;sub rsp, 40h ; Stack saver, otherwise we corrupt smth
+
 		mov freealloctmp, rcx; get rid of this, I keep track of rcx now anyway
 		push rax;
 		push r8;
@@ -194,6 +206,9 @@ _TEXT    SEGMENT
 		pop rcx;
 		pop r8;
 		pop rax;
+
+		;add rsp, 40h ; Undo the stack saver
+
 		ret
     engineFreeRedir ENDP