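/*
 * Stage the backup ROP buffer in gspHeap, patch it for processId, write it to
 * the loaded-ROP buffer, then write the parameter block.
 *
 * processId   - forwarded to patchPayload(); the value -2 additionally selects
 *               the memory-map path when argbuf is usable.
 * argbuf      - optional parameter block (may be NULL).
 * argbuflength- length of argbuf; used as a byte count by the copy below.
 *
 * Transfers go through doGspwn(), called here as (source, destination, size)
 * judging by the existing "grab" / "copy it to destination" comments.
 * Staging areas used: gspHeap+0x00100000 (0x8000 bytes) for the ROP buffer and
 * gspHeap+0x00200000 (MENU_PARAMETER_SIZE bytes) for the parameter block.
 */
void patchMenuRop(int processId, u32* argbuf, u32 argbuflength)
{
	// grab un-processed backup ropbin
	GSPGPU_FlushDataCache(NULL, (u8*)&gspHeap[0x00100000], 0x8000);
	doGspwn((u32*)MENU_LOADEDROP_BKP_BUFADR, (u32*)&gspHeap[0x00100000], 0x8000);
	svc_sleepThread(50*1000*1000); // fixed delay after the transfer (presumably nanoseconds, i.e. 50 ms)

	// patch it
	// NOTE(review): argbuf[0] is read without checking that argbuflength covers
	// at least one word - confirm every caller guarantees that.
	if(processId == -2 && argbuf && argbuf[0] >= 2)
	{
		memorymap_t* mmap = getMmapArgbuf(argbuf, argbuflength);
		patchPayload((u32*)&gspHeap[0x00100000], processId, mmap);
	}else patchPayload((u32*)&gspHeap[0x00100000], processId, NULL);

	// copy it to destination
	GSPGPU_FlushDataCache(NULL, (u8*)&gspHeap[0x00100000], 0x8000);
	doGspwn((u32*)&gspHeap[0x00100000], (u32*)MENU_LOADEDROP_BUFADR, 0x8000);
	svc_sleepThread(50*1000*1000);

	// copy parameter block
	// Exactly MENU_PARAMETER_SIZE bytes are flushed and transferred below, so:
	//  - zero the whole staging block first, otherwise a short argbuf leaves
	//    stale heap contents in the tail that then get transferred;
	//  - clamp the copy, otherwise an oversized argbuflength writes past the
	//    staging block.
	u32 copy_len = argbuflength;
	if(copy_len > MENU_PARAMETER_SIZE) copy_len = MENU_PARAMETER_SIZE;

	memset(&gspHeap[0x00200000], 0x00, MENU_PARAMETER_SIZE);
	if(argbuf) memcpy(&gspHeap[0x00200000], argbuf, copy_len);

	GSPGPU_FlushDataCache(NULL, (u8*)&gspHeap[0x00200000], MENU_PARAMETER_SIZE);
	doGspwn((u32*)&gspHeap[0x00200000], (u32*)(MENU_PARAMETER_BUFADR), MENU_PARAMETER_SIZE);
	svc_sleepThread(20*1000*1000);
}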
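/*
 * Host-side packer: reads the input file argv[1] and writes a fixed 0x10000-byte
 * image to argv[2].
 *
 * Image layout:
 *   [0x0000, 0x8000)  input contents after patchPayload(..., 1, NULL)
 *   [0x8000, 0x10000) unmodified copy of the input contents
 * Unused bytes are zero.
 *
 * Return codes:
 *    0  success
 *   -1  fewer than two arguments
 *   -2  input file could not be opened
 *   -3  output file could not be opened
 *   -4  input size could not be determined, or input is larger than 0x8000 bytes
 *   -5  allocation failure
 *   -6  short read on the input file
 *   -7  short write or close failure on the output file
 *
 * The input file is untrusted: its size is validated before any copy, because
 * both copies land in a fixed-size buffer and the second one starts at 0x8000.
 */
int main(int argc, char** argv)
{
	enum { HALF_SIZE = 0x8000, IMAGE_SIZE = 0x10000 };

	int rc = 0;
	FILE* f = NULL;
	u8* file_buffer = NULL;
	u8* final_buffer = NULL;

	if(argc < 3) return -1;

	f = fopen(argv[1], "rb");
	if(!f) return -2;

	// Determine the input size; ftell() returns -1 on failure.
	long size = -1;
	if(fseek(f, 0, SEEK_END) == 0) size = ftell(f);
	if(size < 0 || size > HALF_SIZE || fseek(f, 0, SEEK_SET) != 0)
	{
		rc = -4;
		goto out;
	}

	// Allocate at least one byte so an empty input still yields valid pointers.
	file_buffer = malloc(size > 0 ? (size_t)size : 1);
	final_buffer = calloc(1, IMAGE_SIZE);
	if(!file_buffer || !final_buffer)
	{
		rc = -5;
		goto out;
	}

	if(fread(file_buffer, 1, (size_t)size, f) != (size_t)size)
	{
		rc = -6;
		goto out;
	}
	fclose(f);
	f = NULL;

	// First half: patched copy.
	memcpy(final_buffer, file_buffer, (size_t)size);
	patchPayload((u32*)final_buffer, 1, NULL);

	// Second half: untouched copy of the input.
	memcpy(&final_buffer[HALF_SIZE], file_buffer, (size_t)size);

	f = fopen(argv[2], "wb");
	if(!f)
	{
		rc = -3;
		goto out;
	}

	if(fwrite(final_buffer, 1, IMAGE_SIZE, f) != IMAGE_SIZE) rc = -7;
	// fclose() flushes buffered output, so its result matters for a write stream.
	if(fclose(f) != 0 && rc == 0) rc = -7;
	f = NULL;

out:
	if(f) fclose(f);
	free(final_buffer);
	free(file_buffer);
	return rc;
}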