
Commit 7147190

committed
fix(core/rdr3): weaponinfo crash mitigation
1 parent ea2994c commit 7147190

1 file changed

Lines changed: 79 additions & 0 deletions


Lines changed: 79 additions & 0 deletions
@@ -0,0 +1,79 @@
1+
#include <StdInc.h>
2+
3+
#include "atArray.h"
4+
#include "Hooking.h"
5+
#include "Hooking.Stubs.h"
6+
7+
static hook::cdecl_stub<void*(uint32_t*)> getWeaponInfo([]()
8+
{
9+
return hook::get_call(hook::get_pattern("E8 ? ? ? ? 48 83 C4 ? C3 48 8B 41 ? 48 8B 40"));
10+
});
11+
12+
static bool IsWeaponInfoValid(uint32_t weaponHash)
13+
{
14+
// this function checks if weaponHash returns a valid CItemInfo and that it is a CWeaponInfo instance.
15+
void* weaponInfo = getWeaponInfo(&weaponHash);
16+
return weaponInfo ? true : false;
17+
}
18+
19+
static HookFunction hookFunction([]
20+
{
21+
// Check if CWeaponInfo from CWeaponDamageEvent is valid before continuing
22+
{
23+
auto location = hook::get_pattern<char>("4C 8D 6F ? 45 8B 45");
24+
25+
static struct : jitasm::Frontend
26+
{
27+
uintptr_t retnSuccess;
28+
uintptr_t retnFail;
29+
30+
void Init(uintptr_t success, uintptr_t fail)
31+
{
32+
retnSuccess = success;
33+
retnFail = fail;
34+
}
35+
36+
virtual void InternalMain() override
37+
{
38+
// Original Code
39+
lea(r13, qword_ptr[rdi + 0x58]);
40+
mov(r8d, dword_ptr[r13]);
41+
42+
test(r8d, r8d);
43+
jz("Fail");
44+
45+
mov(ecx, r8d);
46+
47+
push(rcx);
48+
push(rdx);
49+
push(r8);
50+
push(r9);
51+
52+
mov(rax, reinterpret_cast<uintptr_t>(&IsWeaponInfoValid));
53+
call(rax);
54+
55+
pop(r9);
56+
pop(r8);
57+
pop(rdx);
58+
pop(rcx);
59+
60+
test(al, al);
61+
jz("Fail");
62+
63+
mov(rcx, retnSuccess);
64+
jmp(rcx);
65+
66+
L("Fail");
67+
mov(rcx, retnFail);
68+
jmp(rcx);
69+
}
70+
} patchStub;
71+
72+
const uintptr_t retnSuccess = (uintptr_t)location + 8;
73+
const uintptr_t retnFailure = (uintptr_t)hook::get_pattern("32 C0 E9 ? ? ? ? 44 38 35");
74+
75+
hook::nop(location, 8);
76+
patchStub.Init(retnSuccess, retnFailure);
77+
hook::jump_rcx(location, patchStub.GetCode());
78+
}
79+
});
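Review bot: The `call(rax)` into `IsWeaponInfoValid` is made without reserving the 32-byte Win64 shadow space, so the callee's home slots (`[rsp+8..rsp+0x28)` once the return address is pushed) sit exactly on top of the values saved by `push(rcx)`, `push(rdx)`, `push(r8)`, `push(r9)`; because `IsWeaponInfoValid` takes `&weaponHash`, the compiler must spill that parameter to memory and is likely to write it into that first home slot, corrupting the saved r9 that `pop(r9)` later restores into the original code path. Bracketing the call as `sub(rsp, 0x20); call(rax); add(rsp, 0x20);` keeps the pushed registers out of the callee's reach, on the assumption that RSP is 16-byte aligned at the hook site as it normally is inside a function body — if that assumption does not hold for this site, the adjustment needs to restore alignment as well. The stub also leaves rax, r10, r11, the flags and xmm0–5 clobbered across the call; whether the continuation at `location + 8` depends on any of them cannot be seen from this hunk, so it should be checked against the surrounding original code. Separately, the comment on `IsWeaponInfoValid` claims it verifies the result is a CWeaponInfo instance, but the body only tests the pointer for non-null; either add that type check or reword the comment to `// returns true only if the hash resolves to a non-null item; no CWeaponInfo type check is performed here`.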
