Untitled

/*----------------------------------------------------------------------------*\
                    ===========================
                    Y Sever Includes - Writemem
                    ===========================
Description:
    Write to any absolute address in the SA:MP server in pure PAWN with embedded
    assembly (i.e. a new native).  Calls "VirtualProtect" to make writes safe.
Legal:
    Version: MPL 1.1

    The contents of this file are subject to the Mozilla Public License Version
    1.1 (the "License"); you may not use this file except in compliance with
    the License. You may obtain a copy of the License at
    http://www.mozilla.org/MPL/

    Software distributed under the License is distributed on an "AS IS" basis,
    WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    for the specific language governing rights and limitations under the
    License.

    The Original Code is the YSI ini include.

    The Initial Developer of the Original Code is Alex "Y_Less" Cole.
    Portions created by the Initial Developer are Copyright (C) 2011
    the Initial Developer. All Rights Reserved.

    Contributors:
        ZeeX, koolk, JoeBullet/Google63, g_aSlice/Slice

    Thanks:
        JoeBullet/Google63 - Handy arbitrary ASM jump code using SCTRL.
        ZeeX - Very productive conversations.
        koolk - IsPlayerinAreaEx code.
        TheAlpha - Danish translation.
        breadfish - German translation.
        Fireburn - Dutch translation.
        yom - French translation.
        50p - Polish translation.
        Zamaroht - Spanish translation.
        Dracoblue, sintax, mabako, Xtreme, other coders - Producing other modes
            for me to strive to better.
        Pixels^ - Running XScripters where the idea was born.
        Matite - Pestering me to release it and using it.

    Very special thanks to:
        Thiadmer - PAWN, whose limits continue to amaze me!
        Kye/Kalcor - SA:MP.
        SA:MP Team past, present and future - SA:MP.

Version:
    1.0
Changelog:
    01/02/12:
        Added "VirtualProtect" calls to the code.
        First version.
Functions:
    Public:
        -
    Core:
        -
    Stock:
        -
    Static:
        -
    Inline:
        -
    API:
        WriteMem - Write data to an address.
Callbacks:
    -
Definitions:
    asm - Convert a stream of assembly to a cell.
Enums:
    -
Macros:
    -
Tags:
    -
Variables:
    Global:
        -
    Static:
        YSI_g_sWriteMem - The assembly.
Commands:
    -
Compile options:
    -
Operators:
    -
\*----------------------------------------------------------------------------*/

#include <a_samp>
#include <YSI\y_amx>
#include <YSI\y_hooks>
#include <YSI\y_utils>

forward WriteMem(addr, value);

#define asm(%0,%1,%2,%3) ((0x%0<<0)|(0x%1<<8)|(0x%2<<16)|(0x%3<<24))

/*
cell AMX_NATIVE_CALL
    n_WriteMem(AMX * amx, cell * params)
{
    if (params[0] == 8)
    {
        DWORD
            oldp;
        VirtualProtect((cell *)params[1], 4, PAGE_EXECUTE_READWRITE, &oldp);
        *((cell *)params[1]) = params[2];
    }
    return 0;
}

BECOMES:

    align   16
    push    ebp
    mov     ebp, esp
    push    esi
    mov     esi, [ebp+12]
    cmp     dword ptr [esi], 8
    jnz     short loc_ret
    mov     ecx, [esi+4]
    lea     eax, [ebp+12]
    push    eax
    push    40h
    push    4
    push    ecx
    call    ds:__imp__VirtualProtect@16
    mov     edx, [esi+4]
    mov     eax, [esi+8]
    mov     [edx], eax
loc_ret:
    xor     eax, eax
    pop     esi
    pop     ebp
    retn

BECOMES:
*/

static
    YSI_g_sWriteMem[] =
    {
        asm(CC,CC,CC,CC), asm(CC,CC,CC,CC), asm(CC,CC,CC,CC), asm(CC,CC,CC,CC),
        asm(55,8B,EC,56), asm(8B,75,0C,83), asm(3E,08,75,1A), asm(8B,4E,04,8D),
        asm(45,0C,50,6A), asm(40,6A,04,51), asm(FF,15,3C,70), asm(00,10,8B,56),
        asm(04,8B,46,08), asm(89,02,33,C0), asm(5E,5D,C3,CC)
    };

static
    YSI_g_sDoWriteMem[] =
    {
        135, // sysreq.d opcode
        0,   // will be set later
    };

stock
    WriteMem(addr, value)
{
    // Push addr and value.
    #emit PUSH.S value
    #emit PUSH.S addr
    #emit PUSH.C 8

    // Get the jump address.
    #emit CONST.PRI YSI_g_sDoWriteMem
    #emit LOAD.ALT AMX_HEADER_DAT
    #emit ADD
    #emit LOAD.ALT AMX_HEADER_COD
    #emit SUB

    // Jump to the code stored in YSI_g_sDoWriteMem.
    // This will result in execution of the native code stored in YSI_g_sWriteMem.
    #emit JUMP.PRI

    // Pop native arguments.
    #emit STACK 12
}

static
    WM_Shift(from, to, data[], len = sizeof (data))
{
    if (FALSE)
    {
        WriteMem(0, 0);
    }
    while (from < len)
    {
        data[to++] = data[from++];
    }
}

hook OnScriptInit()
{
    new
        addr = AMX_GetGlobalAddress(YSI_g_sWriteMem);
    // Align the code to a 16-byte boundary.
    switch (addr & 15)
    {
        case 0:
        {
            WM_Shift(4, 0, YSI_g_sWriteMem);
        }
        case 4:
        {
            WM_Shift(4, 3, YSI_g_sWriteMem);
            addr += 12;
        }
        case 8:
        {
            WM_Shift(4, 2, YSI_g_sWriteMem);
            addr += 8;
        }
        case 12:
        {
            WM_Shift(4, 1, YSI_g_sWriteMem);
            addr += 4;
        }
        default:
        {
            P:E("Cannot relocate YSI_g_sWriteMem");
        }
    }
    YSI_g_sDoWriteMem[1] = addr;
    return 1;
}