From c34afa953dc1017d14fabe3ad37c50d8dd3a936b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Benjamin=20H=C3=B6glinger-Stelzer?= <nefarius@dhmx.at>
Date: Wed, 3 Oct 2018 19:55:13 +0200
Subject: [PATCH] Fixed issues #6, #7 Moved another few bytes to heap

---
 .gitignore   |  2 ++
 sys/Xusb.h   |  3 ++-
 sys/buspdo.c | 23 ++++++++++++++++-------
 sys/xusb.c   |  4 +++-
 4 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0d03bf9..5986313 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,3 +33,5 @@
 /Debug
 /sys/Debug
 /sys/ARM/Debug
+/lib/Debug (dynamic)/*.log
+/sys/RCa25584
diff --git a/sys/Xusb.h b/sys/Xusb.h
index 20e3b9e..5531192 100644
--- a/sys/Xusb.h
+++ b/sys/Xusb.h
@@ -49,7 +49,7 @@ DEFINE_GUID(GUID_DEVINTERFACE_XUSB_UNKNOWN_2,
 #define XUSB_LEDSET_SIZE                0x03
 #define XUSB_LEDNUM_SIZE                0x01
 #define XUSB_INIT_STAGE_SIZE            0x03
-#define XUSB_BLOB_STORAGE_SIZE          0x26
+#define XUSB_BLOB_STORAGE_SIZE          0x2A
 
 #define XUSB_BLOB_00_OFFSET             0x00
 #define XUSB_BLOB_01_OFFSET             0x03
@@ -58,6 +58,7 @@ DEFINE_GUID(GUID_DEVINTERFACE_XUSB_UNKNOWN_2,
 #define XUSB_BLOB_04_OFFSET             0x0C
 #define XUSB_BLOB_05_OFFSET             0x20
 #define XUSB_BLOB_06_OFFSET             0x23
+#define XUSB_BLOB_07_OFFSET             0x26
 
 #define XUSB_IS_DATA_PIPE(_x_)          ((BOOLEAN)(_x_->PipeHandle == (USBD_PIPE_HANDLE)0xFFFF0081))
 #define XUSB_IS_CONTROL_PIPE(_x_)       ((BOOLEAN)(_x_->PipeHandle == (USBD_PIPE_HANDLE)0xFFFF0083))
diff --git a/sys/buspdo.c b/sys/buspdo.c
index a5ed1f9..c89539f 100644
--- a/sys/buspdo.c
+++ b/sys/buspdo.c
@@ -598,6 +598,8 @@ VOID Pdo_EvtIoInternalDeviceControl(
     PURB                    urb;
     PPDO_DEVICE_DATA        pdoData;
     PIO_STACK_LOCATION      irpStack;
+    PXUSB_DEVICE_DATA       pXusbData;
+    PUCHAR                  blobBuffer;
 
 
     TraceEvents(TRACE_LEVEL_VERBOSE, TRACE_BUSPDO, "%!FUNC! Entry");
@@ -629,13 +631,20 @@ VOID Pdo_EvtIoInternalDeviceControl(
             switch (urb->UrbControlTransfer.SetupPacket[6])
             {
             case 0x04:
-                //
-                // Xenon magic
-                // 
-                COPY_BYTE_ARRAY(urb->UrbControlTransfer.TransferBuffer, P99_PROTECT({
-                    0x31, 0x3F, 0xCF, 0xDC
-                    }));
-                status = STATUS_SUCCESS;
+                if (pdoData->TargetType == Xbox360Wired)
+                {
+                    pXusbData = XusbGetData(hDevice);
+                    blobBuffer = WdfMemoryGetBuffer(pXusbData->InterruptBlobStorage, NULL);
+                    //
+                    // Xenon magic
+                    // 
+                    RtlCopyMemory(
+                        urb->UrbControlTransfer.TransferBuffer,
+                        &blobBuffer[XUSB_BLOB_07_OFFSET],
+                        0x04
+                    );
+                    status = STATUS_SUCCESS;
+                }
                 break;
             case 0x14:
                 //
diff --git a/sys/xusb.c b/sys/xusb.c
index 5e3bea2..751ad2f 100644
--- a/sys/xusb.c
+++ b/sys/xusb.c
@@ -295,7 +295,9 @@ NTSTATUS Xusb_AssignPdoContext(WDFDEVICE Device)
         // 5
         0x01, 0x03, 0x03,
         // 6
-        0x05, 0x03, 0x00
+        0x05, 0x03, 0x00,
+        // 7
+        0x31, 0x3F, 0xCF, 0xDC
         }));
 
     // I/O Queue for pending IRPs