Esempio n. 1
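/*
 * Walk the caller's stack and hand each return address outside our own DLL
 * to func, stopping at the first callback that returns non-zero.
 *
 * retaddr, sp: starting return address and stack pointer, passed unchanged
 *              to our_stackwalk().
 * func:        callback invoked once per remaining frame address.
 *
 * Returns the first non-zero value produced by func, or 0 when no callback
 * reported anything (including when there was no frame to inspect).
 *
 * The thread's last-error state is captured on entry and restored on exit,
 * and the walk is bracketed by hook_disable()/hook_enable().
 */
int operate_on_backtrace(ULONG_PTR retaddr, ULONG_PTR sp, int(*func)(ULONG_PTR))
{
	/* Initialised so the "no frames left" path returns a defined value
	 * instead of an indeterminate stack slot. */
	int ret = 0;
	PVOID backtrace[HOOK_BACKTRACE_DEPTH];
	lasterror_t lasterror;
	WORD frames;
	WORD i;

	get_lasterrors(&lasterror);

	hook_disable();

	frames = our_stackwalk(retaddr, sp, backtrace, HOOK_BACKTRACE_DEPTH);

	/* Skip the leading frames that still point into our own DLL. */
	for (i = 0; i < frames; i++) {
		if (!addr_in_our_dll_range((ULONG_PTR)backtrace[i]))
			break;
	}

	/*
	 * Only look at backtrace[i] when it is a frame the walker actually
	 * filled in. If every frame was ours, i == frames and the slot is
	 * either uninitialised or one past the end of the array.
	 *
	 * EB 08 is the x86 encoding of a short jump over 8 bytes; presumably
	 * this marks a return address inside a hook stub -- confirm against
	 * the stub layout.
	 */
	if (i < frames) {
		const unsigned char *code = (const unsigned char *)backtrace[i];

		if (code[0] == 0xeb && code[1] == 0x08)
			i++;
	}

	for (; i < frames; i++) {
		ret = func((ULONG_PTR)backtrace[i]);
		if (ret)
			break;
	}

	hook_enable();
	set_lasterrors(&lasterror);
	return ret;
}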
Esempio n. 2
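/*
 * Install every hook described in the g_hooks table.
 *
 * The table is first switched to PAGE_EXECUTE_READWRITE because its entries
 * carry executable code. Installation runs between hook_disable() and
 * hook_enable(). If the protection change fails, nothing is hooked.
 */
void set_hooks()
{
    DWORD previous_protection;

    // the hooks contain executable code as well, so they have to be RWX
    if (!VirtualProtect(g_hooks, sizeof(g_hooks), PAGE_EXECUTE_READWRITE,
            &previous_protection)) {
        // The table could not be made executable; installing hooks that
        // point into it would redirect APIs into non-executable memory.
        // NOTE(review): the failure is silent because this function
        // returns void -- report it through the project's logging path.
        return;
    }

    // NOTE(review): the table stays writable and executable after this
    // call. If nothing rewrites it later, consider dropping write access
    // once the hooks are installed.

    hook_disable();

    // Both arms of the former allow_hook_recursion test made this same
    // call, so the branch had no effect and is collapsed here.
    // NOTE(review): if recursive hooks were meant to use another hook
    // type, that distinction is currently not implemented.
    for (size_t idx = 0; idx < ARRAYSIZE(g_hooks); idx++) {
        hook_api(&g_hooks[idx], HOOKTYPE);
    }

    hook_enable();
}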