Added NodeDissector.

Author: KN4CK3R

Memory/Memory.cs

@@ -67,9 +67,26 @@ public byte ReadByte(IntPtr offset)
 
 		public byte ReadByte(int offset)
 		{
+			if (Offset + offset < 0 || Offset + offset > data.Length)
+			{
+				throw new IndexOutOfRangeException();
+			}
+
 			return data[Offset + offset];
 		}
 
+		public byte[] ReadBytes(int offset, int length)
+		{
+			if (Offset + offset < 0 || Offset + offset + length > data.Length)
+			{
+				throw new IndexOutOfRangeException();
+			}
+
+			var b = new byte[length];
+			Array.Copy(data, Offset + offset, b, 0, length);
+			return b;
+		}
+
 		public T ReadObject<T>(IntPtr offset) where T : struct
 		{
 			return ReadObject<T>(offset.ToInt32());
@@ -78,7 +95,7 @@ public T ReadObject<T>(IntPtr offset) where T : struct
 		public T ReadObject<T>(int offset) where T : struct
 		{
 			var handle = GCHandle.Alloc(data, GCHandleType.Pinned);
-			var obj = (T)Marshal.PtrToStructure(handle.AddrOfPinnedObject() + offset, typeof(T));
+			var obj = (T)Marshal.PtrToStructure(handle.AddrOfPinnedObject() + Offset + offset, typeof(T));
 			handle.Free();
 
 			return obj;

Memory/NodeDissector.cs

@@ -0,0 +1,163 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics.Contracts;
+using ReClassNET.Nodes;
+using ReClassNET.Util;
+
+namespace ReClassNET.Memory
+{
+	public class NodeDissector
+	{
+		public static void DissectNodes(IEnumerable<BaseHexNode> nodes, MemoryBuffer memory)
+		{
+			Contract.Requires(nodes != null);
+			Contract.Requires(memory != null);
+
+			foreach (var node in nodes)
+			{
+				var type = GuessType(node, memory);
+				if (type != null)
+				{
+					node.ParentNode.ReplaceChildNode(node, type);
+				}
+			}
+		}
+
+		public static Type GuessType(BaseHexNode node, MemoryBuffer memory)
+		{
+			Contract.Requires(node != null);
+			Contract.Requires(memory != null);
+
+			var offset = node.Offset.ToInt32();
+			var is4ByteAligned = offset % 4 == 0;
+			var is8ByteAligned = offset % 8 == 0;
+
+			// The node is not aligned, skip it.
+			if (!is4ByteAligned)
+			{
+				return null;
+			}
+
+			var data64 = memory.ReadObject<UInt64FloatDoubleData>(offset);
+			var data32 = memory.ReadObject<UInt32FloatData>(offset);
+
+			/*var raw = memory.ReadBytes(offset, node.MemorySize);
+			if (raw.IsPrintableData())
+			{
+				return typeof(UTF8TextNode);
+			}
+			else if (raw.EveryNth(2).IsPrintableData())
+			{
+				return typeof(UTF16TextNode);
+			}*/
+
+			if (is8ByteAligned)
+			{
+#if WIN64
+				var pointerType = GuessPointerType(data64.IntPtr, memory);
+				if (pointerType != null)
+				{
+					return pointerType;
+				}
+#endif
+			}
+
+			if (is4ByteAligned)
+			{
+#if WIN32
+				var pointerType = GuessPointerType(data32.IntPtr, memory);
+				if (pointerType != null)
+				{
+					return pointerType;
+				}
+#endif
+
+				// 0 could be anything.
+				if (data32.IntValue != 0)
+				{
+					// If the data represents a reasonable range, it could be a float.
+					if (-99999.0f <= data32.FloatValue && data32.FloatValue <= 99999.0f && !data32.FloatValue.IsNearlyEqual(0.0f, 0.001f))
+					{
+						return typeof(FloatNode);
+					}
+
+					if (-99999 <= data32.IntValue && data32.IntValue <= 99999)
+					{
+						return typeof(Int32Node);
+					}
+				}
+			}
+
+			if (is8ByteAligned)
+			{
+				if (data64.LongValue != 0)
+				{
+					// If the data represents a reasonable range, it could be a double.
+					if (-99999.0 <= data64.DoubleValue && data64.DoubleValue <= 99999.0 && !data64.DoubleValue.IsNearlyEqual(0.0, 0.001))
+					{
+						return typeof(DoubleNode);
+					}
+				}
+			}
+
+			return null;
+		}
+
+		private static Type GuessPointerType(IntPtr address, MemoryBuffer memory)
+		{
+			Contract.Requires(memory != null);
+
+			if (address.IsNull())
+			{
+				return null;
+			}
+
+			var section = memory.Process.GetSectionToPointer(address);
+			if (section != null) // If the address points to a section it's valid memory.
+			{
+				if (section.Category == RemoteProcess.SectionCategory.Code) // If the section contains code, it should be a function pointer.
+				{
+					return typeof(FunctionPtrNode);
+				}
+				else if (section.Category == RemoteProcess.SectionCategory.Data) // If the section contains data, it is at least a pointer to a class or something.
+				{
+					// Check if it is a vtable. Check if the first 3 values are pointers to a code section.
+					bool valid = true;
+					for (var i = 0; i < 3; ++i)
+					{
+						var pointee = memory.Process.ReadRemoteObject<IntPtr>(address);
+						if (memory.Process.GetSectionToPointer(pointee)?.Category != RemoteProcess.SectionCategory.Code)
+						{
+							valid = false;
+							break;
+						}
+					}
+					if (valid)
+					{
+						return typeof(VTableNode);
+					}
+
+					// Check if it is a string.
+					var data = memory.Process.ReadRemoteMemory(address, IntPtr.Size);
+					if (data.IsPrintableData())
+					{
+						return typeof(UTF8TextPtrNode);
+					}
+					else if (data.EveryNth(2).IsPrintableData())
+					{
+						return typeof(UTF16TextPtrNode);
+					}
+					/*else if (!data.EveryNth(4).Where(b => !((char)b).IsPrintable()).Any())
+					{
+						return typeof(UTF32TextPtrNode);
+					}*/
+
+					// Now it could be a pointer to something else but we can't tell. :(
+					//return typeof(ClassPtrNode);
+				}
+			}
+
+			return null;
+		}
+	}
+}

Memory/RemoteProcess.cs

@@ -38,12 +38,19 @@ public class Module
 			public string Path;
 		}
 
+		public enum SectionCategory
+		{
+			Unknown,
+			Code,
+			Data
+		}
+
 		public class Section
 		{
 			public IntPtr Start;
 			public IntPtr End;
 			public string Name;
-			public string Category;
+			public SectionCategory Category;
 			public NativeMethods.StateEnum State;
 			public NativeMethods.AllocationProtectEnum Protection;
 			public NativeMethods.TypeEnum Type;
@@ -368,17 +375,32 @@ public bool WriteRemoteMemory<T>(IntPtr address, T value) where T : struct
 
 		#endregion
 
+		public Section GetSectionToPointer(IntPtr address)
+		{
+			return sections
+				.Where(s => s.Category != SectionCategory.Unknown)
+				.Where(s => address.InRange(s.Start, s.End))
+				.FirstOrDefault();
+		}
+
+		public Module GetModuleToPointer(IntPtr address)
+		{
+			return modules
+				.Where(m => address.InRange(m.Start, m.End))
+				.FirstOrDefault();
+		}
+
 		/// <summary>Tries to map the given address to a section or a module of the process.</summary>
 		/// <param name="address">The address to map.</param>
 		/// <returns>The named address or null if no mapping exists.</returns>
 		public string GetNamedAddress(IntPtr address)
 		{
-			var section = sections.Where(s => s.Category != null).Where(s => address.InRange(s.Start, s.End)).FirstOrDefault();
+			var section = GetSectionToPointer(address);
 			if (section != null)
 			{
 				return $"<{section.Category}>{section.ModuleName}.{address.ToString("X")}";
 			}
-			var module = modules.Where(m => address.InRange(m.Start, m.End)).FirstOrDefault();
+			var module = GetModuleToPointer(address);
 			if (module != null)
 			{
 				return $"{module.Name}.{address.ToString("X")}";
@@ -428,13 +450,13 @@ public Task UpdateProcessInformationsAsync()
 						{
 							case ".text":
 							case "code":
-								section.Category = "CODE";
+								section.Category = SectionCategory.Code;
 								break;
 							case ".data":
 							case "data":
 							case ".rdata":
 							case ".idata":
-								section.Category = "DATA";
+								section.Category = SectionCategory.Data;
 								break;
 						}
 						sections.Add(section);

Nodes/BaseContainerNode.cs

@@ -34,11 +34,37 @@ public int FindNodeIndex(BaseNode node)
 			return Nodes.FindIndex(n => n == node);
 		}
 
+		public virtual BaseNode ReplaceChildNode(BaseNode child, Type nodeType)
+		{
+			return ReplaceChildNode(FindNodeIndex(child), nodeType);
+		}
+
+		/// <summary>Replaces the child at the specific position with the provided node.</summary>
+		/// <param name="index">Zero-based position.</param>
+		/// <param name="node">The node to add.</param>
+		/// <returns>True if it succeeds, false if it fails.</returns>
+		public virtual BaseNode ReplaceChildNode(int index, Type nodeType)
+		{
+			Contract.Requires(nodeType != null);
+			Contract.Requires(nodeType.IsSubclassOf(typeof(BaseNode)));
+
+			var node = Activator.CreateInstance(nodeType) as BaseNode;
+
+			node.Intialize();
+
+			if (ReplaceChildNode(index, node))
+			{
+				return node;
+			}
+
+			return null;
+		}
+
 		/// <summary>Replaces the child at the specific position with the provided node.</summary>
 		/// <param name="index">Zero-based position.</param>
 		/// <param name="node">The node to add.</param>
 		/// <returns>True if it succeeds, false if it fails.</returns>
-		public virtual bool ReplaceChildNode(BaseNode child, BaseNode node)
+		public bool ReplaceChildNode(BaseNode child, BaseNode node)
 		{
 			return ReplaceChildNode(FindNodeIndex(child), node);
 		}

Nodes/BaseHexCommentNode.cs

@@ -70,12 +70,12 @@ protected int AddComment(ViewInfo view, int x, int y, float fvalue, IntPtr ivalu
 					var data = view.Memory.Process.ReadRemoteMemory(ivalue, 64);
 
 					// First check if it could be an UTF8 string and if not try UTF16.
-					if (!data.Take(IntPtr.Size).Where(b => !((char)b).IsPrintable()).Any())
+					if (data.Take(IntPtr.Size).IsPrintableData())
 					{
 						var text = new string(Encoding.UTF8.GetChars(data).TakeWhile(c => c != 0).ToArray());
 						x = AddText(view, x, y, Program.Settings.TextColor, HotSpot.NoneId, $"'{text}'") + view.Font.Width;
 					}
-					else if(!data.EveryNth(2).Take(IntPtr.Size).Where(b => !((char)b).IsPrintable()).Any())
+					else if(data.EveryNth(2).Take(IntPtr.Size).IsPrintableData())
 					{
 						var text = new string(Encoding.Unicode.GetChars(data).TakeWhile(c => c != 0).ToArray());
 						x = AddText(view, x, y, Program.Settings.TextColor, HotSpot.NoneId, $"L'{text}'") + view.Font.Width;