We are relocated

game_re/r3/binders/dbg_mem.cxx

@@ -27,19 +27,24 @@ struct R3Bin {
         uintptr_t(module) - GH_BASE_ADDR;
 
     // Now we have to relocate the module to the new base address
+    relocateModule(module);
   }
 
-  inline void relocate(HMODULE module, void* from, void* to, void* check) {
+  inline void relocate(HMODULE module, void* instr, void* from, void* originalPointee) {
     void* relocated_addr = (void*)(uintptr_t(from) + translationOffset);
-    void* relocated_to = (void*)(uintptr_t(to) + translationOffset);
+    void* relocated_to = (void*)(uintptr_t(originalPointee) + translationOffset);
     void *checkRead{};
     SIZE_T numRead{};
-    ReadProcessMemory(GetCurrentProcess(), relocated_addr, &checkRead, sizeof(checkRead), &numRead);
-    WriteProcessMemory(GetCurrentProcess(), relocated_addr, relocated_to, sizeof(relocated_to), NULL);
+    ReadProcessMemory(GetCurrentProcess(), relocated_addr, &checkRead,
+                      sizeof(checkRead), &numRead);
+    if (numRead != 4 || checkRead != originalPointee) {
+      throw std::logic_error("Invalid relocation");
+    }
+    WriteProcessMemory(GetCurrentProcess(), relocated_addr, &relocated_to, sizeof(relocated_to), NULL);
   }
   
   void relocateModule(HMODULE module) {
-    #define REL(from, to, original) relocate(module, (void*)(from), (void*)(to), (void*)(original));
+    #define REL(instr, from, originalPointee) relocate(module, (void*)(instr), (void*)(from), (void*)(originalPointee));
     #include "relocations.def"
   }
 

java/ghidra/FindRelocations.java

@@ -13,7 +13,7 @@ import java.io.*;
 import re3lib.RemanConfig;
 
 public class FindRelocations extends GhidraScript {
-  private Set<Address> foundRelocations = new HashSet<>();
+  private Set<String> foundRelocations = new HashSet<>();
   private PrintWriter outputFile;
 
   long addrMin, addrMax;
@@ -94,6 +94,7 @@ public class FindRelocations extends GhidraScript {
       Reference[] refs = instruction.getReferencesFrom();
       for (Reference ref : refs) {
         Address toAddr = ref.getToAddress();
+        
         if (isInMainMemorySpace(toAddr)) {
           // Check if the target address appears in the instruction bytes (absolute addressing)
           int operandOffset = findAbsoluteAddressOffset(instruction, toAddr);
@@ -119,13 +120,24 @@ public class FindRelocations extends GhidraScript {
       targetBytes[3] = (byte) ((targetValue >> 24) & 0xFF);
       
       // Search for the target address bytes in the instruction and return offset
-      return findSequenceOffset(instructionBytes, targetBytes);
+      int offset = findSequenceOffset(instructionBytes, targetBytes);
+      
+      return offset;
       
     } catch (Exception e) {
       return -1;
     }
   }
   
+  private String bytesToHex(byte[] bytes) {
+    StringBuilder sb = new StringBuilder();
+    for (int i = 0; i < bytes.length; i++) {
+      if (i > 0) sb.append(" ");
+      sb.append(String.format("%02x", bytes[i] & 0xFF));
+    }
+    return sb.toString();
+  }
+
   private int findSequenceOffset(byte[] haystack, byte[] needle) {
     if (needle.length > haystack.length) {
       return -1;
@@ -236,7 +248,9 @@ public class FindRelocations extends GhidraScript {
   }
 
   private void recordRelocation(Address fromAddr, Address toAddr, String instruction, String type, int operandOffset) {
-    if (foundRelocations.add(toAddr)) {
+    String relocKey = fromAddr.toString() + " -> " + toAddr.toString();
+    
+    if (foundRelocations.add(relocKey)) {
       String instructionBytes = getInstructionBytesString(fromAddr);
       Address operandPtr = fromAddr.add(operandOffset);
       
@@ -247,7 +261,7 @@ public class FindRelocations extends GhidraScript {
           instruction,
           type,
           instructionBytes);
-      println(line);
+      
       outputFile.println(line);
       outputFile.flush();
     }