From 3b766be616ed76124b3273b33c42842b16def2e0 Mon Sep 17 00:00:00 2001
From: Jan Petykiewicz <anewusername@gmail.com>
Date: Sun, 24 Mar 2019 20:36:18 -0700
Subject: [PATCH] Add utils.search_buffer_verbatim()

---
 mem_edit/utils.py | 27 +++++++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/mem_edit/utils.py b/mem_edit/utils.py
index c2e691f..fc15970 100644
--- a/mem_edit/utils.py
+++ b/mem_edit/utils.py
@@ -23,9 +23,32 @@ class MemEditError(Exception):
     pass
 
 
+def search_buffer_verbatim(needle_buffer: ctypes_buffer_t, haystack_buffer: ctypes_buffer_t) -> List[int]:
+    """
+    Search for a buffer inside another buffer, using a direct (bitwise) comparison
+
+    :param needle_buffer: Buffer to search for.
+    :param haystack_buffer: Buffer to search in.
+    :return: List of offsets where the needle_buffer was found.
+    """
+    found = []
+
+    haystack = bytes(haystack_buffer)
+    needle = bytes(needle_buffer)
+
+    start = 0
+    result = haystack.find(needle, start)
+    while start < len(haystack) and result != -1:
+        found.append(result)
+        start = result + 1
+        result = haystack.find(needle, start)
+    return found
+
+
 def search_buffer(needle_buffer: ctypes_buffer_t, haystack_buffer: ctypes_buffer_t) -> List[int]:
     """
-    Search for a buffer inside another buffer.
+    Search for a buffer inside another buffer, using ctypes_equal for comparison.
+    Much slower than search_buffer_verbatim.
 
     :param needle_buffer: Buffer to search for.
     :param haystack_buffer: Buffer to search in.
@@ -46,7 +69,7 @@ def ctypes_equal(a: ctypes_buffer_t, b: ctypes_buffer_t) -> bool:
     """
     if not type(a) == type(b):
         return False
-    
+
     if isinstance(a, ctypes.Array):
         return a[:] == b[:]
     elif isinstance(a, ctypes.Structure) or isinstance(a, ctypes.Union):