Ah interesting, I'll take their examples and add it to my tester and see what I get out of them. I can post the results here later on too.
As for the portability / 64bit questions and comments, here is mine that should work on both now:
PHP Code:
/**
* @brief Scans a given chunk of data for the given pattern and mask.
*
* @param data The data to scan within for the given pattern.
* @param baseAddress The base address of where the scan data is from.
* @param lpPattern The pattern to scan for.
* @param pszMask The mask to compare against for wildcards.
* @param offset The offset to add to the pointer.
* @param resultUsage The result offset to use when locating signatures that match multiple functions.
*
* @return Pointer of the pattern found, 0 otherwise.
*/
static intptr_t FindPattern(std::vector<unsigned char> data, intptr_t baseAddress, const unsigned char* lpPattern, const char* pszMask, intptr_t offset, intptr_t resultUsage)
{
// Build vectored pattern..
std::vector<std::pair<unsigned char, bool>> pattern;
for (size_t x = 0, y = strlen(pszMask); x < y; x++)
pattern.push_back(std::make_pair(lpPattern[x], pszMask[x] == 'x'));
auto scanStart = data.begin();
auto resultCnt = 0;
while (true)
{
// Search for the pattern..
auto ret = std::search(scanStart, data.end(), pattern.begin(), pattern.end(),
[&](unsigned char curr, std::pair<unsigned char, bool> currPattern)
{
return (!currPattern.second) || curr == currPattern.first;
});
// Did we find a match..
if (ret != data.end())
{
// If we hit the usage count, return the result..
if (resultCnt == resultUsage || resultUsage == 0)
return (std::distance(data.begin(), ret) + baseAddress) + offset;
// Increment the found count and scan again..
++resultCnt;
scanStart = ++ret;
}
else
break;
}
return 0;
}
I used the following to test compiling and running on Linux:
Code:
http://www.tutorialspoint.com/compile_cpp11_online.php
I'll post the full benchmark once I have time to sit down and add all the other tests to mine and adjust as needed for how mine works.