void applyFPSPatch() { enableGFWLCompatibility(); // Get imageBase HANDLE exeHandle = NULL; originalBase = 0x0400000; exeHandle = GetModuleHandle(NULL); if(exeHandle != NULL) imageBase = (DWORD)exeHandle; // Patches //-------------------------------------------------------------- DWORD address; DWORD data; // Override D3D Presentation Interval address = convertAddress(0x010275AE); data = 5; //Set to immediate writeToAddress(&data, address, sizeof(data)); // Detour Render loop entry address = convertAddress(0x00BD6000); DetourApply((BYTE*)address, (BYTE*)renderLoopEntry, 6, 0); SDLOG(0, "FPS rate unlocked\n"); }
//---------------------------------------------------------------------------------------- // Game Patches //---------------------------------------------------------------------------------------- void applyFPSPatch() { enableGFWLCompatibility(); // Get imageBase HANDLE exeHandle = NULL; originalBase = 0x0400000; exeHandle = GetModuleHandle(NULL); if(exeHandle != NULL) imageBase = (DWORD)exeHandle; // Init counter for frame-rate calculations lastRenderTime = 0.0f; QueryPerformanceFrequency(&timerFreq); QueryPerformanceCounter(&counterAtStart); // Binary patches //-------------------------------------------------------------- DWORD address; DWORD data; // Override D3D Presentation Interval address = convertAddress(ADDR_PRESINT); data = 5; //Set to immediate writeToAddress(&data, address, sizeof(data)); // Detour call to getDrawThreadMsgCommand address = convertAddress(ADDR_GETCMD); DetourApply((BYTE*)address, (BYTE*)getDrawThreadMsgCommand, 5, CALLOP); SDLOG(0, "FPS rate unlocked\n"); }
QString QBluetoothSocketPrivate::peerName() const { quint64 bdaddr; if (socketType == QBluetoothServiceInfo::RfcommProtocol) { sockaddr_rc addr; socklen_t addrLength = sizeof(addr); if (::getpeername(socket, reinterpret_cast<sockaddr *>(&addr), &addrLength) < 0) return QString(); convertAddress(addr.rc_bdaddr.b, bdaddr); } else if (socketType == QBluetoothServiceInfo::L2capProtocol) { sockaddr_l2 addr; socklen_t addrLength = sizeof(addr); if (::getpeername(socket, reinterpret_cast<sockaddr *>(&addr), &addrLength) < 0) return QString(); convertAddress(addr.l2_bdaddr.b, bdaddr); } else { qCWarning(QT_BT_BLUEZ) << "peerName() called on socket of unknown type"; return QString(); } const QString peerAddress = QBluetoothAddress(bdaddr).toString(); const QString localAdapter = localAddress().toString(); if (isBluez5()) { OrgFreedesktopDBusObjectManagerInterface manager(QStringLiteral("org.bluez"), QStringLiteral("/"), QDBusConnection::systemBus()); QDBusPendingReply<ManagedObjectList> reply = manager.GetManagedObjects(); reply.waitForFinished(); if (reply.isError()) return QString(); foreach (const QDBusObjectPath &path, reply.value().keys()) { const InterfaceList ifaceList = reply.value().value(path); foreach (const QString &iface, ifaceList.keys()) { if (iface == QStringLiteral("org.bluez.Device1")) { if (ifaceList.value(iface).value(QStringLiteral("Address")).toString() == peerAddress) return ifaceList.value(iface).value(QStringLiteral("Alias")).toString(); } } } return QString(); } else {
/* Is 'generate' really the right name? */ in_addr_t generateRandomAddress() { in_addr_t address; convertAddress(addresses[(1 + rand()) % NUMBER_OF_ADDRESSES], &address); return address; }
QBluetoothAddress HciManager::addressForConnectionHandle(quint16 handle) const { if (!isValid()) return QBluetoothAddress(); hci_conn_info *info; hci_conn_list_req *infoList; const int maxNoOfConnections = 20; infoList = (hci_conn_list_req *) malloc(sizeof(hci_conn_list_req) + maxNoOfConnections * sizeof(hci_conn_info)); if (!infoList) return QBluetoothAddress(); QScopedPointer<hci_conn_list_req, QScopedPointerPodDeleter> p(infoList); p->conn_num = maxNoOfConnections; p->dev_id = hciDev; info = p->conn_info; if (ioctl(hciSocket, HCIGETCONNLIST, (void *) infoList) < 0) { qCWarning(QT_BT_BLUEZ) << "Cannot retrieve connection list"; return QBluetoothAddress(); } for (int i = 0; i < infoList->conn_num; i++) { if (info[i].handle == handle) return QBluetoothAddress(convertAddress(info[i].bdaddr.b)); } return QBluetoothAddress(); }
void updateAnimationStepTime(float stepTime, float minFPS, float maxFPS) { float FPS = 1.0f/(stepTime/1000); if (FPS < minFPS) stepTime = minFPS; else if (stepTime > maxFPS) FPS = maxFPS; float cappedStep = 1/(float)FPS; DWORD data = *(DWORD*)&cappedStep; writeToAddress(&data, convertAddress(0x012497F0), sizeof(data)); }
// Memory //------------------------------------ void updateAnimationStepTime(float stepTime, float minFPS, float maxFPS) { float FPS = 1.0f/(stepTime/1000); if (FPS < minFPS) FPS = minFPS; else if (FPS > maxFPS) FPS = maxFPS; float cappedStep = 1/(float)FPS; if(RSManager::get().isPaused()) cappedStep = 0.000000000000000001f; DWORD data = *(DWORD*)&cappedStep; writeToAddress(&data, convertAddress(ADDR_TS), sizeof(data)); }
QBluetoothAddress QBluetoothSocketPrivate::localAddress() const { if (socketType == QBluetoothServiceInfo::RfcommProtocol) { sockaddr_rc addr; socklen_t addrLength = sizeof(addr); if (::getsockname(socket, reinterpret_cast<sockaddr *>(&addr), &addrLength) == 0) { quint64 bdaddr; convertAddress(addr.rc_bdaddr.b, bdaddr); return QBluetoothAddress(bdaddr); } } else if (socketType == QBluetoothServiceInfo::L2capProtocol) { sockaddr_l2 addr; socklen_t addrLength = sizeof(addr); if (::getsockname(socket, reinterpret_cast<sockaddr *>(&addr), &addrLength) == 0) { quint64 bdaddr; convertAddress(addr.l2_bdaddr.b, bdaddr); return QBluetoothAddress(bdaddr); } } return QBluetoothAddress(); }
int HciManager::hciForAddress(const QBluetoothAddress &deviceAdapter) { if (hciSocket < 0) return -1; bdaddr_t adapter; convertAddress(deviceAdapter.toUInt64(), adapter.b); struct hci_dev_req *devRequest = 0; struct hci_dev_list_req *devRequestList = 0; struct hci_dev_info devInfo; const int devListSize = sizeof(struct hci_dev_list_req) + HCI_MAX_DEV * sizeof(struct hci_dev_req); devRequestList = (hci_dev_list_req *) malloc(devListSize); if (!devRequestList) return -1; QScopedPointer<hci_dev_list_req, QScopedPointerPodDeleter> p(devRequestList); memset(p.data(), 0, devListSize); p->dev_num = HCI_MAX_DEV; devRequest = p->dev_req; if (ioctl(hciSocket, HCIGETDEVLIST, devRequestList) < 0) return -1; for (int i = 0; i < devRequestList->dev_num; i++) { devInfo.dev_id = (devRequest+i)->dev_id; if (ioctl(hciSocket, HCIGETDEVINFO, &devInfo) < 0) { continue; } int result = memcmp(&adapter, &devInfo.bdaddr, sizeof(bdaddr_t)); if (result == 0 || deviceAdapter.isNull()) // addresses match return devInfo.dev_id; } return -1; }
void QBluetoothSocketPrivate::connectToService(const QBluetoothAddress &address, quint16 port, QIODevice::OpenMode openMode) { Q_Q(QBluetoothSocket); int result = -1; if (socket == -1 && !ensureNativeSocket(socketType)) { errorString = QBluetoothSocket::tr("Unknown socket error"); q->setSocketError(QBluetoothSocket::UnknownSocketError); return; } if (socketType == QBluetoothServiceInfo::RfcommProtocol) { sockaddr_rc addr; memset(&addr, 0, sizeof(addr)); addr.rc_family = AF_BLUETOOTH; addr.rc_channel = port; convertAddress(address.toUInt64(), addr.rc_bdaddr.b); connectWriteNotifier->setEnabled(true); readNotifier->setEnabled(true);QString(); result = ::connect(socket, (sockaddr *)&addr, sizeof(addr)); } else if (socketType == QBluetoothServiceInfo::L2capProtocol) { sockaddr_l2 addr; memset(&addr, 0, sizeof(addr)); addr.l2_family = AF_BLUETOOTH; // This is an ugly hack but the socket class does what's needed already. // For L2CP GATT we need a channel rather than a socket and the LE address type // We don't want to make this public API offering for now especially since // only Linux (of all platforms supported by this library) supports this type // of socket. #if defined(QT_BLUEZ_BLUETOOTH) && !defined(QT_BLUEZ_NO_BTLE) if (lowEnergySocketType) { addr.l2_cid = htobs(port); addr.l2_bdaddr_type = lowEnergySocketType; } else { addr.l2_psm = htobs(port); } #else addr.l2_psm = htobs(port); #endif convertAddress(address.toUInt64(), addr.l2_bdaddr.b); connectWriteNotifier->setEnabled(true); readNotifier->setEnabled(true); result = ::connect(socket, (sockaddr *)&addr, sizeof(addr)); } if (result >= 0 || (result == -1 && errno == EINPROGRESS)) { connecting = true; q->setSocketState(QBluetoothSocket::ConnectingState); q->setOpenMode(openMode); } else { errorString = qt_error_string(errno); q->setSocketError(QBluetoothSocket::UnknownSocketError); } }
//---------------------------------------------------------------------------------------- // Game Patches //---------------------------------------------------------------------------------------- void applyFPSPatch() { SDLOG(0, "Starting FPS unlock...\n"); #ifndef WITHOUT_GFWL_LIB SDLOG(0, "Applying GFWL compatibility\n"); enableGFWLCompatibility(); #endif // Get image info MODULEINFO moduleInfo; PIMAGE_DOS_HEADER dosHeader; PIMAGE_NT_HEADERS ntHeader; IMAGE_FILE_HEADER header; if(GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &moduleInfo, sizeof(moduleInfo))) { ImageBase = (DWORD)moduleInfo.lpBaseOfDll; SDLOG(0, "ImageBase at 0x%08X\n", ImageBase); dosHeader = (PIMAGE_DOS_HEADER)ImageBase; ntHeader = (PIMAGE_NT_HEADERS)((DWORD)(dosHeader) + (dosHeader->e_lfanew)); header = ntHeader->FileHeader; DWORD TimeStamp = header.TimeDateStamp; SDLOG(0, "Executable timestamp: 0x%08X, config: 0x%08X\n", TimeStamp, EXE_TIMESTAMP); // Perform pattern matching if timestamp differs if (TimeStamp != EXE_TIMESTAMP) { SDLOG(0, "Trying pattern matching...\n"); DWORD address; address = GetMemoryAddressFromPattern(NULL, TS_PATTERN, TS_OFFSET); if(address != NULL) { SDLOG(0, "ADDR_TS found at 0x%08X\n", address); ADDR_TS = address; } else { SDLOG(0, "Could not match ADDR_TS pattern, FPS not unlocked\n"); return; } address = GetMemoryAddressFromPattern(NULL, PRESINT_PATTERN, PRESINT_OFFSET); if(address != NULL) { SDLOG(0, "ADDR_PRESINT found at 0x%08X\n", address); ADDR_PRESINT = address; } else { SDLOG(0, "Could not match ADDR_PRESINT pattern, FPS not unlocked\n"); return; } address = GetMemoryAddressFromPattern(NULL, GETCMD_PATTERN, GETCMD_OFFSET); if(address != NULL) { SDLOG(0, "ADDR_GETCMD found at 0x%08X\n", address); ADDR_GETCMD = address; } else { SDLOG(0, "Could not match ADDR_GETCMD pattern, FPS not unlocked\n"); return; } SDLOG(0, "Pattern matching successful\n"); } else SDLOG(0, "Using configured addresses\n"); } else { SDLOG(0, "GetModuleInformation failed, FPS not unlocked\n"); return; } // Init counter for frame-rate calculations lastRenderTime = 0.0f; QueryPerformanceFrequency(&timerFreq); QueryPerformanceCounter(&counterAtStart); // Binary patches //-------------------------------------------------------------- DWORD address; DWORD data; // Override D3D Presentation Interval address = convertAddress(ADDR_PRESINT); data = 5; //Set to immediate writeToAddress(&data, address, sizeof(data)); // Detour call to getDrawThreadMsgCommand address = convertAddress(ADDR_GETCMD); DetourApply((BYTE*)address, (BYTE*)getDrawThreadMsgCommand, 5, CALLOP); SDLOG(0, "FPS unlocked\n"); }
// Render Loop //---------------------------------------------------------------------------------------- void renderLoop(void) { bool run = true; DWORD threadID = GetCurrentThreadId(); int taskFunc; DWORD task; //Pointers conversion DWORD pGetTaskF = convertAddress(0x00577330); DWORD pCleanTaskF = convertAddress(0x00577450); QueryPerformanceFrequency(&timerFreq); QueryPerformanceCounter(&counterAtStart); float lastTime = 0.0f; // Render loop do { // Get Job & state _asm { PUSH 1 MOV ECX, HighGraphics CALL pGetTaskF //Get task pointer MOV task, EAX //Store task pointer (EAX) MOV ECX, [EAX+0x0C] //Get task function MOV taskFunc, ECX //Store function } if (task == (HighGraphics+0x08)) //No task break; switch (taskFunc) { // Exit loop case 0: _asm { MOV EDI, TaskFuncPtr MOV EAX, [EDI] MOV EDX, [EAX+0x0C] MOV ECX, EDI CALL EDX } run = false; break; // Start Watch-dog Thread case 1: _asm { MOV ESI, task MOV EDI, TaskFuncPtr MOV ECX, [ESI+0x2C] MOV EDX, [ESI+0x28] MOV EAX, [EDI] PUSH ECX MOV ECX, [ESI+0x24] PUSH EDX MOV EDX, [EAX+0x08] PUSH ECX MOV ECX, EDI CALL EDX } break; // Update and/or Render case 2: _asm { MOV ESI, task MOV EDI, TaskFuncPtr MOV ECX, [ESI+0x24] MOV EAX, [EDI] MOV EDX, [EAX+0x10] PUSH ECX MOV ECX, EDI CALL EDX } break; // Do nothing (was debug log) case 3: _asm { MOV EDI, TaskFuncPtr MOV EAX, [EDI] MOV EDX, [EAX+0x14] MOV ECX, TaskFuncPtr CALL EDX } break; // Do nothing (was debug log) case 4: _asm { MOV EDI, TaskFuncPtr MOV EAX, [EDI] MOV EDX, [EAX+0x18] MOV ECX, TaskFuncPtr CALL EDX } break; // Force Render (caused by watchdog timeout) case 5: _asm { MOV EDI, TaskFuncPtr MOV EAX, [EDI] MOV EDX, [EAX+0x1C] MOV ECX, TaskFuncPtr CALL EDX } break; default: break; } // If rendering was performed, update animation step-time if((taskFunc == 2) || (taskFunc == 5)) { // FPS regulation float maxFPS = (float)Settings::get().getCurrentFPSLimit(); float minFPS = 10.0f; float currentTime = getElapsedTime(); float deltaTime = currentTime - lastTime; // Update step-time updateAnimationStepTime((float)deltaTime, minFPS, maxFPS); lastTime = currentTime; } // Task cleanup _asm { MOV ESI, task PUSH ESI MOV ECX, HighGraphics CALL pCleanTaskF } } while (run); }