hook return

恍兮惚兮 2024-05-10 14:00:53 +08:00
parent 9f19a1fd33
commit 4d058af250
4 changed files with 19 additions and 3 deletions


@ -120,6 +120,7 @@ inline uintptr_t *argidx(hook_stack* stack,int idx){
case 2:offset=get_reg(regs::rdx);break; case 2:offset=get_reg(regs::rdx);break;
case 3:offset=get_reg(regs::r8);break; case 3:offset=get_reg(regs::r8);break;
case 4:offset=get_reg(regs::r9);break; case 4:offset=get_reg(regs::r9);break;
default:offset=get_stack(idx);
} }
return (uintptr_t*)((uintptr_t)stack+sizeof(hook_stack)-sizeof(uintptr_t)+offset); return (uintptr_t*)((uintptr_t)stack+sizeof(hook_stack)-sizeof(uintptr_t)+offset);
#else #else
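Review bot: The new `default:offset=get_stack(idx);` branch forwards every `idx` not matched by an earlier case to `get_stack`, and the result goes straight into the pointer arithmetic on the `return` line. An `idx` of 0 or a negative value would therefore produce a pointer outside the intended argument area unless `get_stack` rejects it; its definition and the first cases of the switch are not visible in this hunk. The valid range should be stated at the branch, for example `// idx is presumably 1-based; idx > 4 is read from the stack via get_stack`, and a debug check such as `assert(idx >= 1);` before the switch would catch bad callers early. argidx starts before this hunk.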


@ -187,7 +187,18 @@ void TextHook::Send(uintptr_t lpDataBase)
if (auto current_trigger_fun = trigger_fun.exchange(nullptr)) if (auto current_trigger_fun = trigger_fun.exchange(nullptr))
if (!current_trigger_fun(location, stack->ebp, stack->esp)) trigger_fun = current_trigger_fun; if (!current_trigger_fun(location, stack->ebp, stack->esp)) trigger_fun = current_trigger_fun;
#endif #endif
if(hp.type&HOOK_RETURN){
hp.type&=~HOOK_RETURN;
hp.address=stack->retaddr;
strcat(hp.name,"_Return");
//清除jit hook特征防止手动插入
strcpy(hp.unityfunctioninfo,"");
hp.emu_addr=0;
NewHook(hp,hp.name);
hp.type|=HOOK_EMPTY;
__leave;
}
if (hp.type & HOOK_EMPTY) __leave; // jichi 10/24/2014: dummy hook only for dynamic hook if (hp.type & HOOK_EMPTY) __leave; // jichi 10/24/2014: dummy hook only for dynamic hook
size_t lpCount = 0; size_t lpCount = 0;
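Review bot: `strcat(hp.name,"_Return")` in the new `HOOK_RETURN` branch appends to `hp.name` with no length check, so a name already near the buffer's capacity would be written past its end. The declaration of `hp.name` is not visible in this hunk, so the size needs confirming. If it is a fixed char array, a bounded append such as `strncat(hp.name, "_Return", sizeof(hp.name) - strlen(hp.name) - 1);` keeps the write inside the buffer. The branch also rewrites `hp.type`, `hp.address` and `hp.name` of the live hook in place with no visible synchronization, so if Send can run on several threads at once, two of them could both pass the `HOOK_RETURN` test and call `NewHook` twice. TextHook::Send starts and ends outside the hunk.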


@ -70,9 +70,10 @@ enum HookParamType : uint64_t
DECLARE_VALUE(NORMAL_INLINEHOOK,0), DECLARE_VALUE(NORMAL_INLINEHOOK,0),
NEXT_MASK(BREAK_POINT), NEXT_MASK(BREAK_POINT),
NEXT_MASK(HOOK_EMPTY),
NEXT_MASK(DIRECT_READ), // /R read code instead of classic /H hook code NEXT_MASK(DIRECT_READ), // /R read code instead of classic /H hook code
NEXT_MASK(HOOK_RETURN),
NEXT_MASK(HOOK_EMPTY),
}; };
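Review bot: Moving `HOOK_EMPTY` relative to `DIRECT_READ` changes the numeric value of existing flags, assuming `NEXT_MASK` gives each entry the next bit in declaration order (the macro is not visible here). Any `hp.type` value produced under the old layout and read under the new one, for instance across a process or version boundary, would then be interpreted with the wrong flags. Leaving `HOOK_EMPTY` in its original position and appending `NEXT_MASK(HOOK_RETURN),` as the last entry would keep the old values stable. If the reorder is intentional, a comment such as `// flag bit positions are not stable across versions` above the list would record that. The enum starts outside the hunk.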


@ -46,6 +46,9 @@ namespace
switch (HCode[0]) switch (HCode[0])
{ {
case L'L':
hp.type|=HOOK_RETURN;
break;
case L'B': case L'B':
hp.type|=BREAK_POINT; hp.type|=BREAK_POINT;
case L'H': case L'H':