From aa1a49ad6f066abbdce0b4da30ec8519371c99a2 Mon Sep 17 00:00:00 2001 From: momo5502 Date: Sun, 24 Aug 2025 09:32:59 +0200 Subject: [PATCH] Get rid of static variables --- src/analyzer/main.cpp | 24 ++++++++++++++---------- src/analyzer/object_watching.hpp | 20 +++++++++++++------- 2 files changed, 27 insertions(+), 17 deletions(-) diff --git a/src/analyzer/main.cpp b/src/analyzer/main.cpp index ae019121..8f7f109b 100644 --- a/src/analyzer/main.cpp +++ b/src/analyzer/main.cpp @@ -66,6 +66,8 @@ namespace scoped_hook env_ptr_hook_; scoped_hook params_hook_; scoped_hook ldr_hook_; + std::shared_ptr params_state = std::make_shared(); + std::shared_ptr ldr_state = std::make_shared(); std::set> modules_; bool verbose_; @@ -179,8 +181,8 @@ namespace auto state = std::make_shared(win_emu, modules, verbose); - state->params_hook_ = watch_object(win_emu, modules, win_emu.process.process_params, verbose); - state->ldr_hook_ = watch_object(win_emu, modules, win_emu.process.peb.read().Ldr, verbose); + state->params_hook_ = watch_object(win_emu, modules, win_emu.process.process_params, verbose, state->params_state); + state->ldr_hook_ = watch_object(win_emu, modules, win_emu.process.peb.read().Ldr, verbose, state->ldr_state); const auto update_env_hook = [state] { state->env_ptr_hook_ = install_env_hook(state); // 
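Review bot: The two new members in the first main.cpp hunk, `params_state` and `ldr_state`, drop the trailing underscore that every neighbouring member carries (`params_hook_`, `ldr_hook_`, `modules_`, `verbose_`). Naming them `params_state_` and `ldr_state_` would keep member access in the hook lambdas recognisable at a glance. The enclosing struct starts and ends outside the hunk, so any wider convention is not visible here.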
@@ -192,14 +194,15 @@ namespace [state, update_env = std::move(update_env_hook)](const uint64_t, const void*, size_t) { const auto new_ptr = state->win_emu_.process.peb.read().ProcessParameters; state->params_hook_ = watch_object( - state->win_emu_, state->modules_, new_ptr, state->verbose_); + state->win_emu_, state->modules_, new_ptr, state->verbose_, state->params_state); update_env(); }); win_emu.emu().hook_memory_write( win_emu.process.peb.value() + offsetof(PEB64, Ldr), 0x8, [state](const uint64_t, const void*, size_t) { const auto new_ptr = state->win_emu_.process.peb.read().Ldr; - state->ldr_hook_ = watch_object(state->win_emu_, state->modules_, new_ptr, state->verbose_); + state->ldr_hook_ = + watch_object(state->win_emu_, state->modules_, new_ptr, state->verbose_, state->ldr_state); }); #endif } @@ -541,7 +544,10 @@ namespace continue; } - auto read_handler = [&, section, concise_logging](const uint64_t address, const void*, size_t) { + const auto read_count = std::make_shared(0); + const auto write_count = std::make_shared(0); + + auto read_handler = [&, section, concise_logging, read_count](const uint64_t address, const void*, size_t) { const auto rip = win_emu->emu().read_instruction_pointer(); if (!win_emu->mod_manager.executable->is_within(rip)) { @@ -550,8 +556,7 @@ namespace if (concise_logging) { - static uint64_t count{0}; - ++count; + const auto count = ++*read_count; if (count > 20 && count % 100000 != 0) { return; @@ -562,7 +567,7 @@ namespace section.name.c_str(), address, rip); }; - const auto write_handler = [&, section, concise_logging](const uint64_t address, const void*, size_t) { + const auto write_handler = [&, section, concise_logging, write_count](const uint64_t address, const void*, size_t) { const auto rip = win_emu->emu().read_instruction_pointer(); if (!win_emu->mod_manager.executable->is_within(rip)) { 
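Review bot: The hook re-installed for `new_ptr` receives the same `state->params_state`, so the set of already-logged addresses survives the object's move; the Ldr handler below does the same with `state->ldr_state`. Judging by object_watching.hpp, the set is keyed by absolute address, so entries for the old location stay behind: reads of a later object at an overlapping address would go unlogged, and the set grows on every pointer rewrite by the guest. If carrying the history across is intended, a comment such as `// keep dedup history across relocations of ProcessParameters` would say so. Otherwise reset it before re-installing, e.g. `state->params_state->logged_addresses.clear();`.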
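Review bot: `read_count` and `write_count` appear to be created once per section, so the concise-logging budget is now per section where the removed `static` counters were shared by every handler. The `continue;` above and the by-value `section` capture suggest a per-section loop, but its header is outside the hunk. With many sections the log can now carry 20 reads and 100 writes for each of them before throttling starts. If one budget per run was meant, create both counters ahead of the loop; otherwise a comment such as `// throttle budget is per section` above them would record the change. The write handler's `++*write_count` in the following hunk is affected the same way.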
@@ -571,8 +576,7 @@ namespace if (concise_logging) { - static uint64_t count{0}; - ++count; + const auto count = ++*write_count; if (count > 100 && count % 100000 != 0) { return; diff --git a/src/analyzer/object_watching.hpp b/src/analyzer/object_watching.hpp index c8cc493e..c1473ab1 100644 --- a/src/analyzer/object_watching.hpp +++ b/src/analyzer/object_watching.hpp @@ -2,17 +2,25 @@ #include "reflect_type_info.hpp" #include +#include #include +struct object_watching_state +{ + std::unordered_set logged_addresses{}; +}; + template emulator_hook* watch_object(windows_emulator& emu, const std::set>& modules, emulator_object object, - const auto verbose) + const auto verbose, + std::shared_ptr shared_state = std::make_unique()) { const reflect_type_info info{}; return emu.emu().hook_memory_read( object.value(), static_cast(object.size()), - [i = std::move(info), object, &emu, verbose, modules](const uint64_t address, const void*, const size_t size) { + [i = std::move(info), object, &emu, verbose, modules, state = std::move(shared_state)](const uint64_t address, const void*, + const size_t size) { const auto rip = emu.emu().read_instruction_pointer(); const auto* mod = emu.mod_manager.find_by_address(rip); const auto is_main_access = !mod || (mod == emu.mod_manager.executable || modules.contains(mod->name)); @@ -24,12 +32,10 @@ emulator_hook* watch_object(windows_emulator& emu, const std::set logged_addresses{}; - bool is_new = false; for (size_t j = 0; j < size; ++j) { - is_new |= logged_addresses.insert(address + j).second; + is_new |= state->logged_addresses.insert(address + j).second; } if (!is_new) 
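Review bot: In object_watching.hpp the hook lambda dereferences `state->logged_addresses` unchecked, although `shared_state` is a nullable `std::shared_ptr` parameter, so an empty pointer from a caller fails on the first watched read. A guard before the hook is installed, `if (!shared_state) shared_state = std::make_shared<object_watching_state>();`, would keep the function total. The default argument is built with `std::make_unique` while main.cpp uses `std::make_shared`; switching the default to `std::make_shared<object_watching_state>()` is consistent and saves an allocation. Template arguments are stripped in this rendering, so that type is inferred from the struct name. The same default appears on the address overload in the last hunk.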
@@ -71,7 +77,7 @@ emulator_hook* watch_object(windows_emulator& emu, const std::set emulator_hook* watch_object(windows_emulator& emu, const std::set>& modules, const uint64_t address, - const auto verbose) + const auto verbose, std::shared_ptr state = std::make_unique()) { - return watch_object(emu, modules, emulator_object{emu.emu(), address}, verbose); + return watch_object(emu, modules, emulator_object{emu.emu(), address}, verbose, std::move(state)); }