From 3ee1101d66fc6c7c015ef2d4a7ef51208ae29745 Mon Sep 17 00:00:00 2001
From: Francesco Tamagni
Date: Tue, 8 Oct 2024 17:08:09 +0200
Subject: [PATCH 1/3] memory: Make regex patterns raw

According to the docs of `g_regex_new`: "Usually strings must be valid UTF-8 strings, using this flag they are considered as a raw sequence of bytes." The "strings" this refers to are the haystacks we then pass to `g_regex_match_full` when searching. Without the flag, memory search with regex patterns can get interrupted before the range is over, when "invalid" bytes are encountered, resulting in false negatives.
---
 gum/gummemory.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gum/gummemory.c b/gum/gummemory.c
index 26c800dd5..381503500 100644
--- a/gum/gummemory.c
+++ b/gum/gummemory.c
@@ -576,7 +576,7 @@ gum_match_pattern_new_from_regex (const gchar * regex_str)
 GumMatchPattern * pattern;
 GRegex * regex;
 
- regex = g_regex_new (regex_str, G_REGEX_OPTIMIZE, G_REGEX_MATCH_NOTEMPTY,
+ regex = g_regex_new (regex_str, G_REGEX_OPTIMIZE | G_REGEX_RAW, G_REGEX_MATCH_NOTEMPTY,
 NULL);
 if (regex == NULL)
 return NULL;

From eeeda5baff317e98511d2637b8c60452e91dd666 Mon Sep 17 00:00:00 2001
From: Francesco Tamagni
Date: Tue, 8 Oct 2024 17:10:38 +0200
Subject: [PATCH 2/3] Fix indentation

---
 gum/gummemory.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gum/gummemory.c b/gum/gummemory.c
index 381503500..871c82181 100644
--- a/gum/gummemory.c
+++ b/gum/gummemory.c
@@ -576,8 +576,8 @@ gum_match_pattern_new_from_regex (const gchar * regex_str)
 GumMatchPattern * pattern;
 GRegex * regex;
 
- regex = g_regex_new (regex_str, G_REGEX_OPTIMIZE | G_REGEX_RAW, G_REGEX_MATCH_NOTEMPTY,
- NULL);
+ regex = g_regex_new (regex_str, G_REGEX_OPTIMIZE | G_REGEX_RAW,
+ G_REGEX_MATCH_NOTEMPTY, NULL);
 if (regex == NULL)
 return NULL;
 

From e8487d89d7ba507108b838f1d20bdce0b8c8c52a Mon Sep 17 00:00:00 2001
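Review bot: G_REGEX_RAW changes how regex_str itself is interpreted, not only the haystack: `.` then matches a single byte rather than a UTF-8 character, so a multibyte UTF-8 literal in the pattern no longer matches a whole character, and nothing beside the call says so. Worth a comment on the new g_regex_new line, e.g. `/* G_REGEX_RAW: the haystack is arbitrary memory, not UTF-8; without it matching stops at the first invalid byte, and the pattern becomes byte-oriented as a side effect. */`. The GError argument on the following line stays NULL, so a pattern rejected by g_regex_new surfaces only as a NULL return with no diagnostic; that predates this change. gum_match_pattern_new_from_regex starts and ends outside the hunk.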
From: Francesco Tamagni
Date: Thu, 10 Oct 2024 09:46:21 +0200
Subject: [PATCH 3/3] Add test

---
 tests/gumjs/script.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/tests/gumjs/script.c b/tests/gumjs/script.c
index d05f16de1..bb1854043 100644
--- a/tests/gumjs/script.c
+++ b/tests/gumjs/script.c
@@ -8137,6 +8137,22 @@ TESTCASE (memory_can_be_scanned_with_match_pattern_object)
 EXPECT_SEND_MESSAGE_WITH ("\"onMatch offset=0 size=11\"");
 EXPECT_SEND_MESSAGE_WITH ("\"onMatch offset=13 size=11\"");
 EXPECT_SEND_MESSAGE_WITH ("\"onComplete\"");
+
+ haystack2[7] = 0xd1;
+
+ COMPILE_AND_LOAD_SCRIPT ( "const pattern = new MatchPattern(/Hello/.toString());" "Memory.scan(" GUM_PTR_CONST ", 33, pattern, {" "onMatch(address, size) {" " send('onMatch offset=' + address.sub(" GUM_PTR_CONST ").toInt32() + ' size=' + size);" "}," "onComplete() {" " send('onComplete');" "}" "});", haystack2, haystack2);
+ EXPECT_SEND_MESSAGE_WITH ("\"onMatch offset=0 size=5\"");
+ EXPECT_SEND_MESSAGE_WITH ("\"onComplete\"");
 }
 
 TESTCASE (memory_can_be_scanned_synchronously)
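Review bot: The new expectations only check that a match located before the corrupted byte (offset 0) is still reported; they do not check for a match after it, which is the false-negative case the series describes, so a second `Hello` placed past index 7 with its own `EXPECT_SEND_MESSAGE_WITH ("\"onMatch offset=<N> size=5\"")` would pin the intended behaviour. Whether haystack2 already holds such an occurrence is not visible here; the earlier expectations at offsets 0 and 13 belong to a different 11-byte pattern. The constant is also unexplained and deserves a line such as `/* 0xd1 is a two-byte UTF-8 lead byte; followed by an ASCII byte it makes haystack2 invalid UTF-8 */`, with the caveat that this depends on what haystack2[8] holds. haystack2 is modified in place and not restored, which is fine as the last use in this TESTCASE, but the TESTCASE starts outside the hunk.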