[3jorn]

I'm trying to use the SigScan presented on AlliedMods, but it didn't work.
I've debugged it down to

Code:

GetDllMemInfo() Failed

I'm compiling a pure server plugin on Linux.

Code:

void SigScan::Init(unsigned char *sig, char *mask, size_t len) {
   is_set = 0;

   Msg("Attempting to find signature : %s \n", sig);

   sig_len = len;
   sig_str = new unsigned char[sig_len];
   ustrncpy(sig_str, sig, sig_len);

   sig_mask = new char[sig_len+1];
   strncpy(sig_mask, mask, sig_len);
   sig_mask[sig_len+1] = 0;

   if(!base_addr) {
        Msg("GetDllMemInfo() failed\n");
         return ; // GetDllMemInfo() Failed
   }
     

   if((sig_addr = FindSignature()) == NULL) {
        Msg("FindSignature() failed\n");
        return ; // FindSignature() Failed
   }
      

   is_set = 1;
   // SigScan Successful!
}

and fails in here

Code:

if(!dladdr(pAddr, &info)) {
       Msg("FAILED: !dladdr(pAddr, &info)\n");
        return false;
   }

[3jorn]

Update. I've added

Code:

extern IVEngineServer            *engine;
extern IServerGameDLL            *serverdll;

To my sigscan.cpp and changed

Code:

bool SigScan::GetDllMemInfo(void) {
   //void *pAddr = (void*)sigscan_dllfunc;
    void *pAddr = &serverdll;

This then gives me the address where serverdll is loaded (0xb6bc7ec4)
and successfully retrieve the base address.

Code:

BASE_ADDR: 0xb1e45000
BASE_LEN: 177629

When I then try to run a ignite test

Code:

CBaseAnimating *pAnimating = (CBaseAnimating*)CBaseEntity::Instance(pEntity);
        Msg("Attempting to burn player\n");
        CBaseAnimating_Ignite(pAnimating, 2000);
        Msg("Command executed\n");

        return PLUGIN_STOP;

The server crashes at this:

Code:

  // GCC pushes the CBaseAnimating object for us automaticly
thisfunc(cba, flFlameLifetime, (bool)bNPCOnly, flSize, (bool)bCalledByLevelDesigner);

Any clues? I'm all out of ideas

[API]

I am pretty sure SourceMM gives you functions for signature scanning.

[mooman2]

nope, ya gotta do it yourself

are you sure you have the right signature?

[3jorn]

Quote:

Originally Posted by mooman2 nope, ya gotta do it yourself are you sure you have the right signature?

Yeah, I double checked with the Wiki-list.

[API]

Are you sure your DllMemInfo is correct?

[3jorn]

Quote:

Originally Posted by pimpinjuice Are you sure your DllMemInfo is correct?

Not entirely sure, I do this

Code:

bool SigScan::GetDllMemInfo(void) {
   //void *pAddr = (void*)sigscan_dllfunc;
    void *pAddr = &serverdll;

This then gives me the address where serverdll is loaded (0xb6bc7ec4)
and successfully retrieve the base address.

Code:

BASE_ADDR: 0xb1e45000
BASE_LEN: 177629

[BAILOPAN]

&serverdll looks extremely suspect. You're taking the address in your own data section?

You should just use serverdll directly, or better yet, an actual function like void *addr = (void *)g_SMAPI->serverFactory(false);

[mikey_trw]

Sorry to resurrect a long dead thread but i had a similar problem, the "*addr = (void *)g_SMAPI->serverFactory(false);" line fixed the problem with grabbing the address of the server .so file, but now it crashes while scanning the memory for the function signature.

The DL_info struct seem to be correct, it contains the right file name (server_i486.so) and the length matches the size of that file (about 15.1 mil bytes) but it crashes when trying to access the 13,418,497 th byte, have NO IDEA why, any help would be greatly appreciated.

Heres the function code, seems to crash on accessing the pBasePtr[i] variables on the forementioned loop.

Code:

/* Scan for the signature in memory then return the starting position's address */
void* CSigScan::FindSignature(void) {

    unsigned char *pBasePtr = base_addr;
    unsigned char *pEndPtr = base_addr+base_len;
    size_t i;

    while(pBasePtr < pEndPtr) {

        for(i=0; i<sig_len; i++) {

		if((sig_mask[i] != '?') && (sig_str[i] != pBasePtr[i])) {

                	break;
		}
        }
 
        // If 'i' reached the end, we know we have a match!
	if(i == sig_len) {
            return (void*)pBasePtr;
	}
 
        pBasePtr++;
    }
 
    return NULL;
}

[BAILOPAN]

Unfortunately that's not very reliable. There's two other methods that work well:

From SourceMod: Parsing and adding up the ELF section sizes.
From CSDM: Finding the address range from /proc/self/maps (there are certain cases that break this but I forget them, they're uncommon)