chizui/Il2CppInspectorRedux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PE32+: Get function table correctly

Browse Source
This commit is contained in:
Katy Coe
2019-10-28 23:23:07 +01:00
parent c5d62330e5
commit 55ffc12348
1 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
Il2CppInspector/FileFormatReaders/PEReader.cs
View File

@@ -81,7 +81,21 @@ namespace Il2CppInspector
return false; return false;
// Calculate start of function pointer table // Calculate start of function pointer table
pFuncTable = rData.PointerToRawData + IATSize + 8; pFuncTable = rData.PointerToRawData + IATSize;
// Skip over __guard_check_icall_fptr and __guard_dispatch_icall_fptr if present, then the following zero offset
Position = pFuncTable;
if (pe is PEOptHeader32) {
while (ReadUInt32() != 0)
pFuncTable += 4;
pFuncTable += 4;
}
else {
while (ReadUInt64() != 0)
pFuncTable += 8;
pFuncTable += 8;
}
GlobalOffset = pe.ImageBase; GlobalOffset = pe.ImageBase;
return true; return true;
} }
@@ -89,8 +103,8 @@ namespace Il2CppInspector
public override uint[] GetFunctionTable() { public override uint[] GetFunctionTable() {
Position = pFuncTable; Position = pFuncTable;
var addrs = new List<uint>(); var addrs = new List<uint>();
uint addr; ulong addr;
while ((addr = ReadUInt32()) != 0) while ((addr = pe is PEOptHeader32? ReadUInt32() : ReadUInt64()) != 0)
addrs.Add(MapVATR(addr) & 0xfffffffc); addrs.Add(MapVATR(addr) & 0xfffffffc);
return addrs.ToArray(); return addrs.ToArray();
} }