Exemplos de getOldFunctionAddress em C++ (Cpp)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: injectee.cpp Projeto: hadrien-psydk/apitrace

static BOOL
hookFunction(HMODULE hModule,
             const char *szModule,
             const char *pszDllName,
             const char *pszFunctionName,
             LPVOID lpNewAddress)
{
    PIMAGE_IMPORT_DESCRIPTOR pImportDescriptor = getImportDescriptor(hModule, szModule, pszDllName);
    if (pImportDescriptor == NULL) {
        return FALSE;
    }
    LPVOID* lpOldFunctionAddress = getOldFunctionAddress(hModule, pImportDescriptor, pszFunctionName);
    if (lpOldFunctionAddress == NULL) {
        return FALSE;
    }

    if (*lpOldFunctionAddress == lpNewAddress) {
        return TRUE;
    }

    if (VERBOSITY >= 3) {
        debugPrintf("      hooking %s->%s!%s\n", szModule, pszDllName, pszFunctionName);
    }

    return replaceAddress(lpOldFunctionAddress, lpNewAddress);
}

Exemplo n.º 2

0

Exibir arquivo

Arquivo: injectee.cpp Projeto: haraldF/apitrace

static BOOL
patchFunction(HMODULE hModule,
              const char *szModule,
              const char *pszDllName,
              T pImportDescriptor,
              const char *pszFunctionName,
              LPVOID lpNewAddress)
{
    LPVOID* lpOldFunctionAddress = getOldFunctionAddress(hModule, pImportDescriptor, pszFunctionName);
    if (lpOldFunctionAddress == NULL) {
        return FALSE;
    }

    if (*lpOldFunctionAddress == lpNewAddress) {
        return TRUE;
    }

    DWORD Offset = (DWORD)(UINT_PTR)lpOldFunctionAddress - (UINT_PTR)hModule;
    if (VERBOSITY > 0) {
        debugPrintf("inject: patching %s!0x%lx -> %s!%s\n", szModule, Offset, pszDllName, pszFunctionName);
    }

    BOOL bRet;
    bRet = replaceAddress(lpOldFunctionAddress, lpNewAddress);
    if (!bRet) {
        debugPrintf("inject: failed to patch %s!0x%lx -> %s!%s\n", szModule, Offset, pszDllName, pszFunctionName);
    }

    return bRet;
}

Exemplo n.º 3

0

Exibir arquivo

Arquivo: injectee.cpp Projeto: haraldF/apitrace

// See
// http://www.microsoft.com/msj/1298/hood/hood1298.aspx
// http://msdn.microsoft.com/en-us/library/16b2dyk5.aspx
static LPVOID *
getOldFunctionAddress(HMODULE hModule,
                      PImgDelayDescr pDelayDescriptor,
                      const char* pszFunctionName)
{
    assert(pDelayDescriptor->rvaDLLName != 0);

    return getOldFunctionAddress(hModule,
                                 getDescriptorName(hModule, pDelayDescriptor),
                                 pDelayDescriptor->rvaINT,
                                 pDelayDescriptor->rvaIAT,
                                 pszFunctionName);
}

Exemplo n.º 4

0

Exibir arquivo

Arquivo: injectee.cpp Projeto: haraldF/apitrace

static LPVOID *
getOldFunctionAddress(HMODULE hModule,
                      PIMAGE_IMPORT_DESCRIPTOR pImportDescriptor,
                      const char* pszFunctionName)
{
    assert(pImportDescriptor->TimeDateStamp != 0 || pImportDescriptor->Name != 0);

    return getOldFunctionAddress(hModule,
                                 getDescriptorName(hModule, pImportDescriptor),
                                 pImportDescriptor->OriginalFirstThunk,
                                 pImportDescriptor->FirstThunk,
                                 pszFunctionName);
}