- pid_t pid = (pid_t)PID_SELECTED;
- vm_map_t task;
-
- kern_return_t result;
-
- vm_address_t address = 0x0;
- vm_size_t size = 0;
- vm_region_basic_info_data_t info;
- mach_msg_type_number_t infoCnt = 8;
- mach_port_t object_name = 0;
-
- char unsigned *data;
- vm_size_t dataCnt;
-
- char unsigned *string8bit = (char unsigned *)[[searchTextField stringValue] lossyCString];
- long unsigned stringSize = strlen( string8bit );
- char integer8bit = (char)[searchTextField intValue];
- short integer16bit = (short)[searchTextField intValue];
- long integer32bit = (long)[searchTextField intValue];
- long long integer64bit = (long long)[searchTextField intValue];
- float float32bit = (float)[searchTextField floatValue];
- double float64bit = (double)[searchTextField doubleValue];
-
- BOOL done = NO;
-
- if ( (result = task_for_pid( current_task(), pid, &task)) != KERN_SUCCESS )
- {
- NSLog( @"task_for_pid returned error: %i", result );
- return;
- }
-
- addressList = [[NSMutableArray alloc] init];
-
- while ( !done )
- {
- if ( (result = vm_region( task, &address, &size, VM_REGION_BASIC_INFO, (vm_region_info_t)(&info), &infoCnt, &object_name )) != KERN_SUCCESS )
- {
- if ( result != KERN_INVALID_ADDRESS )
- {
- NSLog( @"vm_region returned error: %i", result );
- }
-
- done = YES;
- }
-
- //NSLog( @"address: %X, size: %i", address, size );
-
- if ( (info.protection & VM_PROT_READ) && ((info.protection & VM_PROT_WRITE) >> 1) )
- {
- data = (char unsigned *)malloc( size );
- dataCnt = size;
-
- if ( (result = vm_read_overwrite( task, address, size, (vm_address_t)data, &dataCnt )) != KERN_SUCCESS && result != KERN_PROTECTION_FAILURE )
- {
- NSLog( @"vm_read_overwrite returned error: %i", result );
- free( data );
- done = YES;
- }
-
- if ( result == KERN_SUCCESS )
- {
- long unsigned i, max = (long unsigned)dataCnt;
-
- //NSLog( @"data: %X, size: %i", (vm_address_t)data, dataCnt );
-
- switch ( TYPE_SELECTED )
- {
- case TYPE_STRING:
- switch ( SIZE_SELECTED )
- {
- case SIZE_8_BIT:
- {
- long unsigned maxString = max - stringSize;
-
- for ( i = 0; i < maxString; i += sizeof(char unsigned) )
- {
- if ( strncmp( string8bit, data+i, stringSize ) == 0 )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
- }
- break;
-
- case TYPE_INTEGER:
- switch ( SIZE_SELECTED )
- {
- case SIZE_8_BIT:
- {
- for ( i = 0; i < max; i += sizeof(char) )
- {
- if ( integer8bit == *((char *)(data+i)) )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
-
- case SIZE_16_BIT:
- {
- for ( i = 0; i < max; i += sizeof(short) )
- {
- if ( integer16bit == *((short *)(data+i)) )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
-
- case SIZE_32_BIT:
- {
- for ( i = 0; i < max; i += sizeof(long) )
- {
- if ( integer32bit == *((long *)(data+i)) )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
-
- case SIZE_64_BIT:
- {
- for ( i = 0; i < max; i += sizeof(long long) )
- {
- if ( integer64bit == *((long long *)(data+i)) )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
- }
- break;
-
- case TYPE_FLOAT:
- switch ( SIZE_SELECTED+2 )
- {
- case SIZE_32_BIT:
- {
- for ( i = 0; i < max; i += sizeof(float) )
- {
- if ( float32bit == *((float *)(data+i)) )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
-
- case SIZE_64_BIT:
- {
- for ( i = 0; i < max; i += sizeof(double) )
- {
- if ( float64bit == *((double *)(data+i)) )
- {
- [addressList addObject:[NSNumber numberWithUnsignedLong:(long unsigned)address + i]];
- }
- }
- }
- break;
- }
- break;
- }
- }
-
- free( data );
- }
-
- address += size;
- }
-
- searching = NO;
-
- // update the interface
- [statusBar stopAnimation:self];
- [self updateProcessPopup];
- [self updateSearchButton];
- [self updateTypePopup];
- [self updateSizePopup];
- [self updateChangeButton];
- [self updateStatusText];
- [addressTable reloadData];
-
- [pool release];