ntmemoryapi 2.1.5__tar.gz → 2.2.1__tar.gz

{ntmemoryapi-2.1.5 → ntmemoryapi-2.2.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: ntmemoryapi
-Version: 2.1.5
+Version: 2.2.1
 Summary: Simple library for Windows to manipulate process virtual memory with stelthy syscall wraps.
 Author: Xenely
 Requires-Dist: psutil>=7.1.3

{ntmemoryapi-2.1.5 → ntmemoryapi-2.2.1}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "ntmemoryapi"
-version = "2.1.5"
+version = "2.2.1"
 description = "Simple library for Windows to manipulate process virtual memory with stelthy syscall wraps."
 authors = [
     {name = "Xenely"}

{ntmemoryapi-2.1.5 → ntmemoryapi-2.2.1}/src/ntmemoryapi/__init__.py

@@ -505,8 +505,8 @@ class Process:
 
             raise ValueError("Invalid pattern: `%s`" % pattern)
 
-        # Result list of found addresses
-        found_addresses = []
+        # List of regions to scan
+        to_scan_regions = []
 
         # iterate memory regions and finding addresses at them
         for region in self.list_memory_regions(allowed_states, allowed_protects, allowed_types, memory_regions_filter):
@@ -528,18 +528,39 @@ class Process:
                 continue
 
             # Scan params
-            scan_start = max(region_start, start_address) if start_address is not None else region_start
-            scan_size = min(region_end, end_address) - scan_start if end_address is not None else region_end - scan_start
+            scan_adderss = max(region_start, start_address) if start_address is not None else region_start
+            scan_size = min(region_end, end_address) - scan_adderss if end_address is not None else region_end - scan_adderss
+
+            # Save region information to scan later
+            to_scan_regions.append((scan_adderss, scan_size))
+
+        # If no regions to scan presented
+        if not to_scan_regions:
+            return []
+
+        # Result list of found addresses
+        found_addresses = []
+
+        # Pre-allocated buffer to hold read memory
+        read_memory_buffer = (ctypes.c_byte * (max(item[-1] for item in to_scan_regions) + 1))()
+
+        # Iterate regions to scan read them and find pattern
+        for scan_adderss, scan_size in to_scan_regions:
+
+            # If required amount of addresses found
+            if return_first is not None and return_first <= 0:
+                break
 
-            # Read region as bytes
             try:
-                read_region_bytes = self.read_bytes(scan_start, scan_size)
+
+                # Read bytes into pre-allocated buffer
+                self.read_into_buffer(scan_adderss, scan_size, ctypes.addressof(read_memory_buffer))
 
             except Exception:
-                continue
+                pass
 
             # Pattern scan region using SIMD KMP algorithm
-            self.__kmp.scanAOB(read_region_bytes, scan_size, pattern.strip().encode(), ctypes.c_uint64(scan_start), ctypes.c_uint64(return_first if return_first is not None else 0), ctypes.byref(scan_result := PatternScanBuffer()))
+            self.__kmp.scanAOB(ctypes.addressof(read_memory_buffer), scan_size, pattern.strip().encode(), ctypes.c_uint64(scan_adderss), ctypes.c_uint64(return_first if return_first is not None else 0), ctypes.byref(scan_result := PatternScanBuffer()))
 
             # Read result addresses
             addresses = scan_result.read()
@@ -665,6 +686,13 @@ class Process:
 
         return buffer
 
+    def read_into_buffer(self, address: int, size: int, buffer_pointer: int) -> None:
+        """Read bytes array of variadic size located at given address into pre-allocated internal buffer by pointer."""
+
+        # If result failed
+        if (result := _nt_read_virtual_memory(self.handle, address, buffer_pointer, size, None)):
+            raise MemoryReadError(result, address)
+
     def write_int8(self, address: int, value: int) -> None:
         """Write 1 byte signed integer value at given address."""