chore: rename memory read functions

f1zm0 · Apr 21, 2023 · 859833e · 859833e
1 parent 68036a7
commit 859833e
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/internal/resolver/parse.go b/internal/resolver/parse.go
@@ -24,12 +24,12 @@ func ParseNtdllModule(hashFn hashing.HashFunction) []*Syscall {
 
 	sysStubs := make([]*Syscall, 0, numberOfNames/4) // Zw* < 25% of all exports
 	for i := uint32(0); i < numberOfNames; i++ {
-		fn := memory.ReadCStringAt(baseAddr, memory.ReadDwordAt(addressOfNames, i*4))
+		fn := memory.ReadCStringAt(baseAddr, memory.ReadDwordAtOffset(addressOfNames, i*4))
 		if fn[0] == 'Z' && fn[1] == 'w' {
 			fn[0] = 'N'
 			fn[1] = 't'
-			nameOrd := memory.ReadWordAt(addressOfNameOrdinals, i*2)
-			rva := memory.ReadDwordAt(addressOfFunctions, uint32(nameOrd*4))
+			nameOrd := memory.ReadWordAtOffset(addressOfNameOrdinals, i*2)
+			rva := memory.ReadDwordAtOffset(addressOfFunctions, uint32(nameOrd*4))
 
 			sysStubs = append(sysStubs, &Syscall{
 				NameHash: hashFn(fn),

diff --git a/pkg/memory/cstring.go b/pkg/memory/cstring.go
@@ -4,7 +4,7 @@ package memory
 func ReadCStringAt(start uintptr, offset uint32) []byte {
 	var buf []byte
 	for {
-		ch := ReadByteAt(start, offset)
+		ch := ReadByteAtOffset(start, offset)
 		if ch == 0 {
 			break
 		}

diff --git a/pkg/memory/stubs.go b/pkg/memory/stubs.go
@@ -2,8 +2,8 @@ package memory
 
 func RVA2VA(moduleBase uintptr, rva uint32) uintptr
 
-func ReadDwordAt(start uintptr, offset uint32) uint32
+func ReadDwordAtOffset(start uintptr, offset uint32) uint32
 
-func ReadWordAt(start uintptr, offset uint32) uint16
+func ReadWordAtOffset(start uintptr, offset uint32) uint16
 
-func ReadByteAt(start uintptr, offset uint32) byte
+func ReadByteAtOffset(start uintptr, offset uint32) byte