@@ -757,6 +757,22 @@ declare namespace Memory {
757757 pattern : string | MatchPattern ,
758758 ) : MemoryScanMatch [ ] ;
759759
760+ /**
761+ * Scans one or more memory ranges for pointer-aligned words matching any of `values`.
762+ *
763+ * This is a focused, SIMD-accelerated alternative to `scan()` for the common task of finding pointers, e.g.
764+ * references to a given address. All matches are collected and returned sorted by address.
765+ *
766+ * @param ranges Memory range, or array of ranges, to scan.
767+ * @param values Pointer-width values to look for.
768+ * @param options Options to customize the scan.
769+ */
770+ function findPointers (
771+ ranges : MemoryRange | MemoryRange [ ] ,
772+ values : NativePointerValue [ ] ,
773+ options ?: MemoryFindPointersOptions ,
774+ ) : MemoryPointerMatch [ ] ;
775+
760776 /**
761777 * Allocates `size` bytes of memory on Frida's private heap, or, if `size` is a multiple of Process#pageSize,
762778 * one or more raw memory pages managed by the OS. The allocated memory will be released when the returned
@@ -1461,6 +1477,26 @@ interface MemoryScanMatch {
14611477 size : number ;
14621478}
14631479
1480+ interface MemoryFindPointersOptions {
1481+ /**
1482+ * Bitmask applied to each scanned word and each value before comparing. Defaults to an exact match.
1483+ * Pass e.g. `ptr("0x00007ffffffffff8")` to strip arm64e PAC and non-pointer-isa bits.
1484+ */
1485+ mask ?: NativePointerValue ;
1486+ }
1487+
1488+ interface MemoryPointerMatch {
1489+ /**
1490+ * Memory address where a matching word was found.
1491+ */
1492+ address : NativePointer ;
1493+
1494+ /**
1495+ * The matching word, i.e. the value stored at `address`, before masking.
1496+ */
1497+ value : NativePointer ;
1498+ }
1499+
14641500interface KernelMemoryScanCallbacks {
14651501 /**
14661502 * Called with each occurence that was found.
0 commit comments