win-capture: Update D3D9 signature for Win 11 22H2

plugins/win-capture/get-graphics-offsets/d3d9-offsets.cpp

@@ -90,6 +90,8 @@ static const uint8_t mask[][MAX_CMP_SIZE] = {
 	 0x00, 0x00, 0xFF, 0x00, 0xF8, 0xF8, 0x00, 0x00, 0x00, 0x00},
 	{0xF8, 0xFF, 0xC0, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xC0, 0x00, 0x00,
 	 0x00, 0x00, 0xFF, 0x00, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00},
+	{0xF8, 0xFF, 0xC0, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xC0, 0x00, 0x00,
+	 0x00, 0x00, 0x00, 0xFF, 0x00, 0xFF, 0xFF, 0x00, 0x00, 0x00},
 };
 
 static const uint8_t mask_cmp[][MAX_CMP_SIZE] = {
@@ -121,13 +123,26 @@ static const uint8_t mask_cmp[][MAX_CMP_SIZE] = {
 	 * Note: different instructions, last byte skipped due to MAX_CMP_SIZE
 	 */
 	{0x48, 0x8B, 0x80, 0x00, 0x00, 0x00, 0x00, 0x39, 0x80, 0x00, 0x00,
-	 0x00, 0x00, 0x75, 0x00, 0x48, 0x8D, 0x00, 0x00, 0x00, 0x00}};
+	 0x00, 0x00, 0x75, 0x00, 0x48, 0x8D, 0x00, 0x00, 0x00, 0x00},
+	/*
+	 * Windows 11 22H2
+	 * 49 8b 86 30 40 00 00		MOV        RAX,qword ptr [R14 + 0x4030]
+	 * 83 b8 a0 55 00 00 00		CMP        dword ptr [RAX + 0x55a0],0x0
+	 * 75 12			JNZ        LAB_1800b8662
+	 * 48 8d 15 b9 24 0a 00		LEA        param_2,[s_To_use...]
+	 *
+	 * Note: different instructions, last byte skipped due to MAX_CMP_SIZE
+	 */
+	{0x48, 0x8B, 0x80, 0x00, 0x00, 0x00, 0x00, 0x83, 0x80, 0x00, 0x00,
+	 0x00, 0x00, 0x00, 0x75, 0x00, 0x48, 0x8D, 0x00, 0x00, 0x00},
+};
 
 // Offset into the code for the numbers we're interested in
 static const uint32_t code_offsets[][2] = {
 	{3, 10},
 	{3, 9},
 	{3, 9},
+	{3, 9},
 };
 #else
 
@@ -140,6 +155,8 @@ static const uint8_t mask[][MAX_CMP_SIZE] = {
 	 0x00, 0x00, 0xFF, 0xFF, 0x00, 0xFF, 0x00, 0x00, 0x00, 0x00},
 	{0xFF, 0xC0, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xC0, 0x00, 0x00,
 	 0x00, 0x00, 0xFF, 0xFF, 0x00, 0xFF, 0x00, 0x00, 0x00, 0x00},
+	{0xFF, 0xC0, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xC0, 0x00, 0x00,
+	 0x00, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00},
 };
 
 static const uint8_t mask_cmp[][MAX_CMP_SIZE] = {
@@ -170,13 +187,25 @@ static const uint8_t mask_cmp[][MAX_CMP_SIZE] = {
 	 * BA 08 71 01 10            mov     edx, offset errMsg
 	 */
 	{0x8B, 0x80, 0x00, 0x00, 0x00, 0x00, 0x83, 0x80, 0x00, 0x00,
-	 0x00, 0x00, 0x00, 0x75, 0x00, 0xBA, 0x00, 0x00, 0x00, 0x00}};
+	 0x00, 0x00, 0x00, 0x75, 0x00, 0xBA, 0x00, 0x00, 0x00, 0x00},
+
+	/*
+	 * Windows 11 22H2
+	 * 8b 83 3c 2b 00 00		MOV        EAX,dword ptr [EBX + 0x2b3c]
+	 * 39 b8 44 4f 00 00		CMP        dword ptr [EAX + 0x4f44],EDI
+	 * 75 0f			JNZ        LAB_100d79a0
+	 * ba d0 c6 00 10		MOV        EDX,s_To_use_...
+	 */
+	{0x8B, 0x80, 0x00, 0x00, 0x00, 0x00, 0x39, 0x80, 0x00, 0x00,
+	 0x00, 0x00, 0x75, 0x00, 0xBA, 0x00, 0x00, 0x00, 0x00, 0x00},
+};
 
 // Offset into the code for the numbers we're interested in
 static const uint32_t code_offsets[][2] = {
 	{2, 8},
 	{2, 8},
 	{2, 8},
+	{2, 8},
 };
 #endif
 
@@ -208,6 +237,7 @@ void get_d3d9_offsets(struct d3d9_offsets *offsets)
 
 	if (success) {
 		uint8_t **vt = *(uint8_t ***)info.device;
+		/* Pointer to CheckResourceResidency */
 		uint8_t *crr = vt[125];
 
 		offsets->present = vtable_offset(info.module, info.device, 17);