Load WoW.exe PE image for Warden MEM_CHECK responses

Parse PE sections from WoW.exe into a flat virtual memory image so MEM_CHECK returns real binary contents instead of zeros. Also mocks KUSER_SHARED_DATA (0x7FFE026C) with Windows 7 version info.
2026-03-24 08:00:14 +00:00 · 2026-02-14 02:00:15 -08:00 · 2026-02-14 02:00:15 -08:00 · 5e8384f34e
commit 5e8384f34e
parent cb79e43a29
5 changed files with 280 additions and 3 deletions
--- a/src/game/game_handler.cpp
+++ b/src/game/game_handler.cpp
@ -2,6 +2,7 @@
 #include "game/packet_parsers.hpp"
 #include "game/transport_manager.hpp"
 #include "game/warden_crypto.hpp"
+#include "game/warden_memory.hpp"
 #include "game/warden_module.hpp"
 #include "game/opcodes.hpp"
 #include "game/update_field_table.hpp"
@ -2355,10 +2356,25 @@ void GameHandler::handleWardenData(network::Packet& packet) {
                        uint8_t readLen = decrypted[pos++];
                        LOG_INFO("Warden:   MEM offset=0x", [&]{char s[12];snprintf(s,12,"%08x",offset);return std::string(s);}(),
                                 " len=", (int)readLen);
-                        // Response: [uint8 result=0][data zeros]
-                        // We don't have real memory, send zeros
+
+                        // Lazy-load WoW.exe PE image on first MEM_CHECK
+                        if (!wardenMemory_) {
+                            wardenMemory_ = std::make_unique<WardenMemory>();
+                            if (!wardenMemory_->load()) {
+                                LOG_WARNING("Warden: Could not load WoW.exe for MEM_CHECK");
+                            }
+                        }
+
+                        // Read real bytes from PE image (falls back to zeros if unavailable)
+                        std::vector<uint8_t> memBuf(readLen, 0);
+                        if (wardenMemory_->isLoaded() && wardenMemory_->readMemory(offset, readLen, memBuf.data())) {
+                            LOG_INFO("Warden:   MEM_CHECK served from PE image");
+                        } else {
+                            LOG_WARNING("Warden:   MEM_CHECK fallback to zeros for 0x",
+                                        [&]{char s[12];snprintf(s,12,"%08x",offset);return std::string(s);}());
+                        }
                        resultData.push_back(0x00);
-                        for (int i = 0; i < readLen; i++) resultData.push_back(0x00);
+                        resultData.insert(resultData.end(), memBuf.begin(), memBuf.end());
                        break;
                    }
                    case CT_PAGE_A: {