static void ErrorDo(uint32_t error) { if (error == 0xbe0e0aea) // ERR_GEN_INVALID { FatalError("Invalid rage::fiPackfile encryption type specified. If you have any modified game files, please remove or verify them. See http://rsg.ms/verify for more information."); } trace("error function called from %p for code 0x%08x\n", _ReturnAddress(), error); // provide pickup file for minidump handler to use FILE* dbgFile = _wfopen(MakeRelativeCitPath(L"cache\\error_out").c_str(), L"wb"); if (dbgFile) { fwrite(&error, 1, 4, dbgFile); uint64_t retAddr = (uint64_t)_ReturnAddress(); fwrite(&retAddr, 1, 8, dbgFile); fclose(dbgFile); } // NOTE: crashes on this line are supposed to be read based on the exception-write address! *(uint32_t*)(error | 0x1000000000) = 0xDEADBADE; TerminateProcess(GetCurrentProcess(), -1); }
__declspec(noreturn) void __cdecl __report_gsfailure (ULONG_PTR StackCookie) { volatile UINT_PTR cookie[2] __MINGW_ATTRIB_UNUSED; #if defined(_WIN64) && !defined(__aarch64__) ULONG64 controlPC, imgBase, establisherFrame; PRUNTIME_FUNCTION fctEntry; PVOID hndData; RtlCaptureContext (&GS_ContextRecord); controlPC = GS_ContextRecord.Rip; fctEntry = RtlLookupFunctionEntry (controlPC, &imgBase, NULL); if (fctEntry != NULL) { RtlVirtualUnwind (UNW_FLAG_NHANDLER, imgBase, controlPC, fctEntry, &GS_ContextRecord, &hndData, &establisherFrame, NULL); } else #endif /* _WIN64 */ { #if defined(__x86_64__) || defined(_AMD64_) GS_ContextRecord.Rip = (ULONGLONG) _ReturnAddress(); GS_ContextRecord.Rsp = (ULONGLONG) _AddressOfReturnAddress() + 8; #elif defined(__i386__) || defined(_X86_) GS_ContextRecord.Eip = (DWORD) _ReturnAddress(); GS_ContextRecord.Esp = (DWORD) _AddressOfReturnAddress() + 4; #elif defined(__arm__) || defined(_ARM_) GS_ContextRecord.Pc = (DWORD) _ReturnAddress(); GS_ContextRecord.Sp = (DWORD) _AddressOfReturnAddress() + 4; #endif /* _WIN64 */ } #if defined(__x86_64__) || defined(_AMD64_) GS_ExceptionRecord.ExceptionAddress = (PVOID) GS_ContextRecord.Rip; GS_ContextRecord.Rcx = StackCookie; #elif defined(__i386__) || defined(_X86_) GS_ExceptionRecord.ExceptionAddress = (PVOID) GS_ContextRecord.Eip; GS_ContextRecord.Ecx = StackCookie; #elif defined(__arm__) || defined(_ARM_) GS_ExceptionRecord.ExceptionAddress = (PVOID) GS_ContextRecord.Pc; UNUSED_PARAM(StackCookie); #endif /* _WIN64 */ GS_ExceptionRecord.ExceptionCode = STATUS_STACK_BUFFER_OVERRUN; GS_ExceptionRecord.ExceptionFlags = EXCEPTION_NONCONTINUABLE; cookie[0] = __security_cookie; cookie[1] = __security_cookie_complement; SetUnhandledExceptionFilter (NULL); UnhandledExceptionFilter ((EXCEPTION_POINTERS *) &GS_ExceptionPointers); TerminateProcess (GetCurrentProcess (), STATUS_STACK_BUFFER_OVERRUN); abort(); }
// The following code gets exception pointers using a workaround found in CRT code. void GetExceptionPointers(DWORD dwExceptionCode, EXCEPTION_POINTERS* pExceptionPointers) { // The following code was taken from VC++ 8.0 CRT (invarg.c: line 104) CONTEXT ContextRecord; memset(&ContextRecord, 0, sizeof(CONTEXT)); #ifdef _X86_ __asm { mov dword ptr [ContextRecord.Eax], eax mov dword ptr [ContextRecord.Ecx], ecx mov dword ptr [ContextRecord.Edx], edx mov dword ptr [ContextRecord.Ebx], ebx mov dword ptr [ContextRecord.Esi], esi mov dword ptr [ContextRecord.Edi], edi mov word ptr [ContextRecord.SegSs], ss mov word ptr [ContextRecord.SegCs], cs mov word ptr [ContextRecord.SegDs], ds mov word ptr [ContextRecord.SegEs], es mov word ptr [ContextRecord.SegFs], fs mov word ptr [ContextRecord.SegGs], gs pushfd pop [ContextRecord.EFlags] } ContextRecord.ContextFlags = CONTEXT_CONTROL; #pragma warning(push) #pragma warning(disable:4311) ContextRecord.Eip = (ULONG)_ReturnAddress(); ContextRecord.Esp = (ULONG)_AddressOfReturnAddress(); #pragma warning(pop) ContextRecord.Ebp = *((ULONG *)_AddressOfReturnAddress()-1); #elif defined (_IA64_) || defined (_AMD64_) /* Need to fill up the Context in IA64 and AMD64. */ RtlCaptureContext(&ContextRecord); #else /* defined (_IA64_) || defined (_AMD64_) */ ZeroMemory(&ContextRecord, sizeof(ContextRecord)); #endif /* defined (_IA64_) || defined (_AMD64_) */ memcpy(pExceptionPointers->ContextRecord, &ContextRecord, sizeof(CONTEXT)); ZeroMemory(pExceptionPointers->ExceptionRecord, sizeof(EXCEPTION_RECORD)); pExceptionPointers->ExceptionRecord->ExceptionCode = dwExceptionCode; pExceptionPointers->ExceptionRecord->ExceptionAddress = _ReturnAddress(); }
static void get_exception_pointers(EXCEPTION_POINTERS* ep) { // The following code was taken from VC++ 8.0 CRT (invarg.c: line 104) CONTEXT context = {}; ZeroMemory(&context, sizeof(context)); #ifdef _X86_ __asm { mov dword ptr [context.Eax], eax mov dword ptr [context.Ecx], ecx mov dword ptr [context.Edx], edx mov dword ptr [context.Ebx], ebx mov dword ptr [context.Esi], esi mov dword ptr [context.Edi], edi mov word ptr [context.SegSs], ss mov word ptr [context.SegCs], cs mov word ptr [context.SegDs], ds mov word ptr [context.SegEs], es mov word ptr [context.SegFs], fs mov word ptr [context.SegGs], gs pushfd pop [context.EFlags] } context.ContextFlags = CONTEXT_CONTROL; #pragma warning(push) #pragma warning(disable:4311) context.Eip = (ULONG)_ReturnAddress(); context.Esp = (ULONG)_AddressOfReturnAddress(); #pragma warning(pop) context.Ebp = *((ULONG *)_AddressOfReturnAddress()-1); #elif defined (_IA64_) || defined (_AMD64_) /* Need to fill up the Context in IA64 and AMD64. */ RtlCaptureContext(&context); #else /* defined (_IA64_) || defined (_AMD64_) */ #endif /* defined (_IA64_) || defined (_AMD64_) */ CopyMemory(ep->ContextRecord, &context, sizeof(CONTEXT)); ZeroMemory(ep->ExceptionRecord, sizeof(EXCEPTION_RECORD)); //ep->ExceptionRecord->ExceptionCode = dwExceptionCode; ep->ExceptionRecord->ExceptionAddress = _ReturnAddress(); }
HMODULE WINAPI HookLoadLibraryExW(LPCWSTR lpFileName,HANDLE hFile,DWORD dwFlags) { UINT_PTR dwCaller; /* 是否信任的dll */ if ( iSAuthorized(lpFileName) ) { return TrueLoadLibraryExW(lpFileName, hFile, dwFlags); } #ifdef __GNUC__ dwCaller = (UINT_PTR)__builtin_return_address(0); #else dwCaller = (UINT_PTR)_ReturnAddress(); #endif /* 判断是否是从User32.dll调用 */ if ( is_specialdll(dwCaller,L"user32.dll") ) { /* 如果进程或模块在白名单里 */ if ( in_whitelist(lpFileName) ) { #ifdef _LOGDEBUG logmsg("%ls in whitelist\n",lpFileName); #endif return TrueLoadLibraryExW(lpFileName, hFile, dwFlags); } else { #ifdef _LOGDEBUG logmsg("the %ls disable load\n",lpFileName); #endif return NULL; } } return TrueLoadLibraryExW(lpFileName, hFile, dwFlags); }
static void LoadObjectsNowWrap(void* streaming, bool a2) { uint64_t beginTime = GetTickCount64(); ICoreGameInit* init = Instance<ICoreGameInit>::Get(); init->SetData("gta-core-five:loadCaller", fmt::sprintf("%016x", (uintptr_t)_ReturnAddress())); init->SetData("gta-core-five:loadTime", fmt::sprintf("%d", beginTime)); g_origLoadObjectsNow(streaming, a2); init->SetData("gta-core-five:loadCaller", ""); uint64_t elapsedTime = (GetTickCount64() - beginTime); if (elapsedTime > 2000) { trace("Warning: LoadObjectsNow took %d msec (invoked from %016x)!\n", elapsedTime, (uintptr_t)_ReturnAddress()); trace("---------------- DO FIX THE ABOVE ^\n"); if (Instance<ICoreGameInit>::Get()->GetGameLoaded()) { trace("---------------- IF YOU CAN NOT FIX IT AND THIS OCCURS DURING GAMEPLAY\n"); trace("---------------- PLEASE CONTACT THE FIVEM DEVELOPERS ON https://forum.fivem.net/\n"); trace("---------------- WITH THIS CITIZENFX.LOG FILE\n"); trace("---------------- \n"); trace("---------------- THIS BLOCKING LOAD _WILL_ CAUSE CLIENT GAME CRASHES\n"); } } }
static NTSTATUS NtQueryInformationProcessHook(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, OUT PVOID ProcessInformation, IN ULONG ProcessInformationLength, OUT PULONG ReturnLength OPTIONAL) { NTSTATUS status = ((NtQueryInformationProcessType)origQIP)(ProcessHandle, ProcessInformationClass, ProcessInformation, ProcessInformationLength, ReturnLength); if (NT_SUCCESS(status)) { if (ProcessInformationClass == ProcessBasicInformation) { ((PPROCESS_BASIC_INFORMATION)ProcessInformation)->Reserved3 = (PVOID)explorerPid; } else if (ProcessInformationClass == 30) // ProcessDebugObjectHandle { *(HANDLE*)ProcessInformation = 0; return STATUS_PORT_NOT_SET; } else if (ProcessInformationClass == 7) // ProcessDebugPort { if (!IsModule<BaseModule>(_ReturnAddress())) { *(HANDLE*)ProcessInformation = 0; } } else if (ProcessInformationClass == 31) { *(ULONG*)ProcessInformation = 1; } } return status; }
int __stdcall track_closesocket(SOCKET socket) { uintptr_t loc = (uintptr_t)_ReturnAddress(); tracker_socket_free(loc, socket); return dllclosesocket(socket); }
int track_fclose(FILE* stream) { uintptr_t loc = (uintptr_t)_ReturnAddress(); tracker_file_free(loc, (uintptr_t)stream, FILE_XBMC_FOPEN); return dll_fclose(stream); }
int track_close(int fd) { uintptr_t loc = (uintptr_t)_ReturnAddress(); tracker_file_free(loc, fd, FILE_XBMC_OPEN); return dll_close(fd); }
OBGEDirect3D9::~OBGEDirect3D9() { /* remove from vector and replace by the other version */ OBGEDrivers.erase(std::find(OBGEDrivers.begin(), OBGEDrivers.end(), this)); lastOBGEDirect3D9 = (OBGEDrivers.size() ? OBGEDrivers.back() : NULL); _MESSAGE("OD3D9: Driver 0x%08x destructed from 0x%08x (%d drivers left)", this, _ReturnAddress(), OBGEDrivers.size()); }
WAI_NOINLINE WAI_FUNCSPEC int WAI_PREFIX(getModulePath)(char* out, int capacity, int* dirname_length) { HMODULE module; int length = -1; #if defined(_MSC_VER) #pragma warning(push) #pragma warning(disable: 4054) #endif if (GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, (LPCTSTR) #if defined(_MSC_VER) _ReturnAddress() #else __builtin_extract_return_addr(__builtin_return_address(0)) #endif , &module)) #if defined(_MSC_VER) #pragma warning(pop) #endif { length = WAI_PREFIX(getModulePath_)(module, out, capacity, dirname_length); } return length; }
int _RosLogDebug ( ULONG Level ) { static PCSTR levelDescriptions[] = { "[%s]", // TRACE_LEVEL_NONE "critical error", // TRACE_LEVEL_CRITICAL "noncritical error", // TRACE_LEVEL_ERROR "warning", // TRACE_LEVEL_WARNING "information", // TRACE_LEVEL_INFORMATION "trace" // TRACE_LEVEL_VERBOSE }; // levelDescriptions volatile void* returnAddress = _ReturnAddress(); volatile PCSTR levelDescriptionSz = levelDescriptions[(Level < ARRAYSIZE(levelDescriptions)) ? Level : 0]; char buf[64]; HRESULT hr = StringCchPrintfA( buf, ARRAYSIZE(buf), "\n*** ROSUMD %s detected @%p.\n", levelDescriptionSz, returnAddress); if (SUCCEEDED(hr)) { OutputDebugStringA(buf); } DbgRaiseAssertionFailure(); return 1; } // _RosLogDebug (...)
NTSTATUS NTAPI HookedNtContinue(PCONTEXT ThreadContext, BOOLEAN RaiseAlert) //restore DRx Registers { DWORD_PTR retAddress = (DWORD_PTR)_ReturnAddress(); if (!KiUserExceptionDispatcherAddress) { KiUserExceptionDispatcherAddress = (DWORD_PTR)GetProcAddress(DllExchange.hNtdll, "KiUserExceptionDispatcher"); } if (ThreadContext) { //char text[100]; //wsprintfA(text, "HookedNtContinue return %X", _ReturnAddress()); //MessageBoxA(0, text, "debug", 0); if (retAddress >= KiUserExceptionDispatcherAddress && retAddress < (KiUserExceptionDispatcherAddress + 0x100)) { int index = ThreadDebugContextFindExistingSlotIndex(); if (index != -1) { ThreadContext->Dr0 = ArrayDebugRegister[index].Dr0; ThreadContext->Dr1 = ArrayDebugRegister[index].Dr1; ThreadContext->Dr2 = ArrayDebugRegister[index].Dr2; ThreadContext->Dr3 = ArrayDebugRegister[index].Dr3; ThreadContext->Dr6 = ArrayDebugRegister[index].Dr6; ThreadContext->Dr7 = ArrayDebugRegister[index].Dr7; ThreadDebugContextRemoveEntry(index); } } } return DllExchange.dNtContinue(ThreadContext, RaiseAlert); }
BOOL NTAPI ProbeInvokeCreateProcessW( PCWSTR ApplicationName, PWSTR CommandLine, PSECURITY_ATTRIBUTES ProcessAttributes, PSECURITY_ATTRIBUTES ThreadAttributes, BOOL InheritHandles, ULONG CreationFlags, PVOID Environment, PCWSTR CurrentDirectory, LPSTARTUPINFOW StartupInfo, PPROCESS_INFORMATION ProcessInformation ) { if (TryIsProbeProcess(ApplicationName, CommandLine)) { InvokeReturnAddress = _ReturnAddress(); RtlSetLastWin32Error(NO_ERROR); return FALSE; } return Shell32CreateProcessWPtr(ApplicationName, CommandLine, ProcessAttributes, ThreadAttributes, InheritHandles, CreationFlags, Environment, CurrentDirectory, StartupInfo, ProcessInformation); }
extern "C" BOOL __stdcall track_FreeLibrary(HINSTANCE hLibModule) { uintptr_t loc = (uintptr_t)_ReturnAddress(); tracker_library_free(loc, hLibModule); return dllFreeLibrary(hLibModule); }
FILE* track_fopen(const char* sFileName, const char* mode) { uintptr_t loc = (uintptr_t)_ReturnAddress(); FILE* fd = dll_fopen(sFileName, mode); if (fd) tracker_file_track(loc, (uintptr_t)fd, FILE_XBMC_FOPEN, sFileName); return fd; }
int track_open(const char* sFileName, int iMode) { uintptr_t loc = (uintptr_t)_ReturnAddress(); int fd = dll_open(sFileName, iMode); if (fd >= 0) tracker_file_track(loc, fd, FILE_XBMC_OPEN, sFileName); return fd; }
int DrawableDictStoreGetUsageWrap(int dict) { int usage = DrawblDictGetUsage(dict); if (usage == 0 && _ReturnAddress() == (void*)0xBCC153) { bool deferred = false; auto pair = m_dependencyDrawableDicts.equal_range(dict); for (auto it = pair.first; it != pair.second; it++) { if (it->second->HasInstance()) { if (!it->second->ShouldRelease()) { //trace("model info for %s (0x%08x) still has %i references!\n", GetStreamName(dict, *(int*)0xF272E4).c_str(), it->second->GetModelHash(), it->second->GetRefCount()); return 1; } it->second->RemoveInstance(); deferred = true; } } //m_dependencyDrawableDicts.erase(dict); auto entPair = m_dependencyDictEnts.equal_range(dict); for (auto it = entPair.first; it != entPair.second; it++) { it->second->DestroyModel(); deferred = true; } m_dependencyDictEnts.erase(dict); if (deferred) { //trace("pre-deferring drawable destruction for %s\n", GetStreamName(dict, *(int*)0xF272E4).c_str()); DeferToNextFrame([=] () { //trace("executing pre-deferred drawable destruction for %s\n", GetStreamName(dict, *(int*)0xF272E4).c_str()); //ReleaseDrawblDict(dict); ReleaseStreamingObjectNow((void*)0xF21C60, dict + GetTypeStart(*(int*)0xF272E4)); }); return 1; } } return usage; }
// Hook function. IDirect3D9* FAR WINAPI OBGEDirect3DCreate9(UINT sdk_version) { Direct3DCreate9_t old_func = (Direct3DCreate9_t) D3DHook.Functions[D3DFN_Direct3DCreate9].OrigFn; IDirect3D9* d3d = old_func(sdk_version); _MESSAGE("OD3D9: Driver queried from 0x%08x", _ReturnAddress()); return d3d ? new OBGEDirect3D9(d3d) : 0; }
SOCKET __stdcall track_socket(int af, int type, int protocol) { uintptr_t loc = (uintptr_t)_ReturnAddress(); SOCKET socket = dllsocket(af, type, protocol); if(socket>=0) tracker_socket_track(loc, socket); return socket; }
HRESULT myIDirect3DDevice9::CreateQuery(D3DQUERYTYPE Type,IDirect3DQuery9** ppQuery) { if (GetAsyncKeyState(VK_F4)) { OutputDebugString(va("createquery called from %08x\n", (DWORD)_ReturnAddress())); } return(m_pIDirect3DDevice9->CreateQuery(Type,ppQuery)); }
HRESULT myIDirect3DDevice9::Clear(DWORD Count,CONST D3DRECT* pRects,DWORD Flags,D3DCOLOR Color,float Z,DWORD Stencil) { if (GetAsyncKeyState(VK_F4)) { OutputDebugString(va("clear called from %08x\n", (DWORD)_ReturnAddress())); } return(m_pIDirect3DDevice9->Clear(Count,pRects,Flags,Color,Z,Stencil)); }
SOCKET __stdcall track_accept(SOCKET s, struct sockaddr FAR * addr, OUT int FAR * addrlen) { uintptr_t loc = (uintptr_t)_ReturnAddress(); SOCKET socket = dllaccept(s, addr, addrlen); if (socket>=0) tracker_socket_track(loc, socket); return socket; }
void cbGetExceptionPointers() { CONTEXT context; memset( &context, 0, sizeof(CONTEXT) ); #ifdef _X86_ __asm { mov dword ptr [context.Eax], eax mov dword ptr [context.Ecx], ecx mov dword ptr [context.Edx], edx mov dword ptr [context.Ebx], ebx mov dword ptr [context.Esi], esi mov dword ptr [context.Edi], edi mov word ptr [context.SegSs], ss mov word ptr [context.SegCs], cs mov word ptr [context.SegDs], ds mov word ptr [context.SegEs], es mov word ptr [context.SegFs], fs mov word ptr [context.SegGs], gs pushfd pop [context.EFlags] } context.ContextFlags = CONTEXT_CONTROL; context.Eip = (ULONG)_ReturnAddress(); context.Esp = (ULONG)_AddressOfReturnAddress(); context.Ebp = *((ULONG *)_AddressOfReturnAddress()-1); #elif defined (_IA64_) || defined (_AMD64_) RtlCaptureContext( &context ); #else #error #endif memcpy( &cbTmpContext, &context, sizeof(CONTEXT) ); ZeroMemory( &cbTmpExceptionRecord, sizeof(EXCEPTION_RECORD) ); cbTmpExceptionRecord.ExceptionCode = 0; cbTmpExceptionRecord.ExceptionAddress = _ReturnAddress(); cbReportData->exceptionPtrs = &cbTmpExceptionPtrs; cbTmpExceptionPtrs.ExceptionRecord = &cbTmpExceptionRecord; cbTmpExceptionPtrs.ContextRecord = &cbTmpContext; }
HRESULT STDMETHODCALLTYPE OBGEDirect3D9::CreateDevice( UINT Adapter, D3DDEVTYPE DeviceType, HWND hFocusWindow, DWORD BehaviorFlags, D3DPRESENT_PARAMETERS *pPresentationParameters, IDirect3DDevice9 **ppReturnedDeviceInterface) { HRESULT hr; D3DFORMAT asbak; #if 0 /* check if the format isn't possibly really available */ if (MultiSample.Get() && (pPresentationParameters->MultiSampleType == D3DMULTISAMPLE_NONE)) { D3DFORMAT frmt = D3DFMT_UNKNOWN; if (IsHDR()) frmt = D3DFMT_A16B16G16R16F; else frmt = D3DFMT_A8R8G8B8; hr = m_d3d->CheckDeviceMultiSampleType(D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL, frmt, FALSE, (D3DMULTISAMPLE_TYPE)MultiSample.Get(), NULL); if (SUCCEEDED(hr)) { pPresentationParameters->MultiSampleType = (D3DMULTISAMPLE_TYPE)MultiSample.Get(); pPresentationParameters->MultiSampleQuality = 0; pPresentationParameters->Flags &= ~D3DPRESENTFLAG_LOCKABLE_BACKBUFFER; } } #endif /* replace whatever by INTZ for example if possible */ pPresentationParameters->AutoDepthStencilFormat = GetDepthBufferFormat(m_d3d, asbak = pPresentationParameters->AutoDepthStencilFormat, pPresentationParameters->MultiSampleType); /* try -> fail -> restore */ hr = m_d3d->CreateDevice(Adapter, DeviceType, hFocusWindow, BehaviorFlags, pPresentationParameters, ppReturnedDeviceInterface); if (!SUCCEEDED(hr)) { pPresentationParameters->AutoDepthStencilFormat = asbak; hr = m_d3d->CreateDevice(Adapter, DeviceType, hFocusWindow, BehaviorFlags, pPresentationParameters, ppReturnedDeviceInterface); } _MESSAGE("OD3D9: Device queried from 0x%08x", _ReturnAddress()); _MESSAGE("OD3D9: Queue %d, MS-type %d, MS-quality %d", pPresentationParameters->BackBufferCount, pPresentationParameters->MultiSampleType, pPresentationParameters->MultiSampleQuality); // Return our device if (SUCCEEDED(hr)) *ppReturnedDeviceInterface = new OBGEDirect3DDevice9(this, *ppReturnedDeviceInterface); return hr; }
FILE* track_freopen(const char *path, const char *mode, FILE *stream) { uintptr_t loc = (uintptr_t)_ReturnAddress(); tracker_file_free(loc, (uintptr_t)stream, FILE_XBMC_FOPEN); stream = dll_freopen(path, mode, stream); if (stream) tracker_file_track(loc, (uintptr_t)stream, FILE_XBMC_FOPEN, path); return stream; }
bool __stdcall hooks::hooked_timedemo() { static auto original_fn = engine_hook->get_func_address< IsPlayingTimeDemo_t >(83); static auto interpolated_server_entities = reinterpret_cast<void *>(util::pattern_scan("client_panorama.dll", "55 8B EC 83 EC 1C 8B 0D ? ? ? ? 53")); static ConVar* interp = g_csgo.m_cvar()->FindVar("cl_interpolate"); if (interp->GetInt() == 0 && abs((int)((int*)_ReturnAddress()) - (int)interpolated_server_entities) < 400 && g_ctx.m_local && g_ctx.m_local->is_alive()) return true; return original_fn(g_csgo.m_engine()); }
// The hook handler for ExFreePool(). Logs if ExFreePool() is called from where // not backed by any image _Use_decl_annotations_ static VOID DdimonpHandleExFreePool(PVOID p) { const auto original = DdimonpFindOrignal(DdimonpHandleExFreePool); original(p); // Is inside image? auto return_addr = _ReturnAddress(); if (UtilPcToFileHeader(return_addr)) { return; } HYPERPLATFORM_LOG_INFO_SAFE("%p: ExFreePool(P= %p)", return_addr, p); }
HRESULT WINAPI HookSHGetFolderPathW(HWND hwndOwner,int nFolder,HANDLE hToken, DWORD dwFlags,LPWSTR pszPath) { UINT_PTR dwCaller; BOOL dwFf = FALSE; WCHAR dllname[VALUE_LEN+1]; int folder = nFolder & 0xff; HRESULT ret = E_FAIL; #ifdef __GNUC__ dwCaller = (UINT_PTR)__builtin_return_address(0); #else dwCaller = (UINT_PTR)_ReturnAddress(); #endif GetModuleFileNameW(dll_module, dllname, VALUE_LEN); dwFf = is_specialdll(dwCaller, dllname) || is_specialdll(dwCaller, L"*\\xul.dll") || is_specialdll(dwCaller, L"*\\npswf*.dll"); if (env_thread) { WaitForSingleObject(env_thread,1500); CloseHandle(env_thread); env_thread = NULL; } if ( dwFf ) { switch (folder) { int num = 0; case CSIDL_APPDATA: { num = _snwprintf(pszPath,MAX_PATH,L"%ls",appdata_path); pszPath[num] = L'\0'; ret = S_OK; break; } case CSIDL_LOCAL_APPDATA: { num = _snwprintf(pszPath,MAX_PATH,L"%ls",localdata_path); pszPath[num] = L'\0'; ret = S_OK; break; } default: break; } } if (S_OK != ret) { ret = TrueSHGetFolderPathW(hwndOwner, nFolder, hToken, dwFlags, pszPath); } return ret; }