Don't use TerminateThread; other refactors

This commit is contained in:
Akash Mozumdar 2018-12-01 15:53:54 -05:00
parent 2f544afaa5
commit 385af259a9
4 changed files with 44 additions and 53 deletions


@ -29,6 +29,12 @@ WCHAR *processName, // cached
processPath[MAX_PATH]; // cached processPath[MAX_PATH]; // cached
//LPVOID trigger_addr; //LPVOID trigger_addr;
/** jichi 12/24/2014
* @param addr function address
* @param frame real address of the function, supposed to be the same as addr
* @param stack address of current stack - 4
* @return If success, which is reverted
*/
trigger_fun_t trigger_fun_; trigger_fun_t trigger_fun_;
} // namespace Engine } // namespace Engine


@ -8,10 +8,10 @@
#include "types.h" #include "types.h"
void TextOutput(ThreadParam tp, BYTE* text, int len); void TextOutput(ThreadParam tp, BYTE* text, int len);
void ConsoleOutput(LPCSTR text); void ConsoleOutput(LPCSTR text, ...);
void NotifyHookRemove(uint64_t addr); void NotifyHookRemove(uint64_t addr);
void NewHook(HookParam hp, LPCSTR name, DWORD flag = HOOK_ENGINE); void NewHook(HookParam hp, LPCSTR name, DWORD flag = HOOK_ENGINE);
void RemoveHook(uint64_t addr); void RemoveHook(uint64_t addr, int maxOffset = 9);
#define ITH_RAISE (*(int*)0 = 0) // raise C000005, for debugging only #define ITH_RAISE (*(int*)0 = 0) // raise C000005, for debugging only
#define ITH_TRY __try #define ITH_TRY __try
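Review bot: `void ConsoleOutput(LPCSTR text, ...)` makes the first argument a printf-style format string, so any caller that still builds `text` from runtime data (the old `ConsoleOutput((REMOVING_HOOK + std::string(hookName)).c_str())` shape in the third file) would now have that data interpreted as a format. The call sites this commit touches pass a literal, or `REMOVING_HOOK` with `hp.name` as a separate argument, which is the right shape, but the bare declaration gives the compiler nothing to check against. I'd add `// printf-style: text must be a literal format string, never hook or game data` above the declaration, and on MSVC annotate the parameter with `_Printf_format_string_` so a misuse is flagged at compile time. The new `int maxOffset = 9` default on `RemoveHook` also deserves a one-line comment saying what range of addresses it covers, since nothing in this header explains it.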


@ -19,7 +19,7 @@
#include "growl.h" #include "growl.h"
#include <Psapi.h> #include <Psapi.h>
extern std::unique_ptr<WinMutex> sectionMutex; extern std::unique_ptr<WinMutex> viewMutex;
// - Unnamed helpers - // - Unnamed helpers -
@ -95,16 +95,17 @@ void SetTrigger()
// - TextHook methods - // - TextHook methods -
bool TextHook::InsertHook() bool TextHook::Insert(HookParam h, DWORD set_flag)
{ {
//ConsoleOutput("vnrcli:InsertHook: enter"); LOCK(*viewMutex);
LOCK(*sectionMutex); hp = h;
hp.insertion_address = hp.address;
hp.type |= set_flag;
if (hp.type & USING_UTF8) hp.codepage = CP_UTF8; if (hp.type & USING_UTF8) hp.codepage = CP_UTF8;
if (hp.type & DIRECT_READ) return InsertReadCode(); if (hp.type & DIRECT_READ) return InsertReadCode();
#ifndef _WIN64 #ifndef _WIN64
else return InsertHookCode(); else return InsertHookCode();
#endif #endif
//ConsoleOutput("vnrcli:InsertHook: leave");
return false; return false;
} }
@ -126,12 +127,6 @@ void TextHook::Send(DWORD dwDataBase)
dwAddr = hp.insertion_address; dwAddr = hp.insertion_address;
dwRetn = *(DWORD*)dwDataBase; // first value on stack (if hooked start of function, this is return address) dwRetn = *(DWORD*)dwDataBase; // first value on stack (if hooked start of function, this is return address)
/** jichi 12/24/2014
* @param addr function address
* @param frame real address of the function, supposed to be the same as addr
* @param stack address of current stack - 4
* @return If success, which is reverted
*/
if (trigger) if (trigger)
trigger = Engine::InsertDynamicHook((LPVOID)dwAddr, *(DWORD *)(dwDataBase - 0x1c), *(DWORD *)(dwDataBase - 0x18)); trigger = Engine::InsertDynamicHook((LPVOID)dwAddr, *(DWORD *)(dwDataBase - 0x1c), *(DWORD *)(dwDataBase - 0x18));
@ -166,7 +161,7 @@ void TextHook::Send(DWORD dwDataBase)
} }
dwCount = GetLength(dwDataBase, dwDataIn); dwCount = GetLength(dwDataBase, dwDataIn);
} }
// jichi 12/25/2013: validate data size
if (dwCount == 0 || dwCount > PIPE_BUFFER_SIZE - sizeof(ThreadParam)) return; if (dwCount == 0 || dwCount > PIPE_BUFFER_SIZE - sizeof(ThreadParam)) return;
if (hp.length_offset == 1) { if (hp.length_offset == 1) {
@ -180,7 +175,6 @@ void TextHook::Send(DWORD dwDataBase)
else else
::memcpy(pbData, (void*)dwDataIn, dwCount); ::memcpy(pbData, (void*)dwDataIn, dwCount);
// jichi 10/14/2014: Add filter function
if (hp.filter_fun && !hp.filter_fun(pbData, &dwCount, &hp, 0) || dwCount <= 0) return; if (hp.filter_fun && !hp.filter_fun(pbData, &dwCount, &hp, 0) || dwCount <= 0) return;
if (dwType & (NO_CONTEXT | FIXING_SPLIT)) if (dwType & (NO_CONTEXT | FIXING_SPLIT))
@ -219,24 +213,23 @@ insert:
return false; return false;
} }
#ifndef _WIN64
*(TextHook**)(common_hook + 9) = this; *(TextHook**)(common_hook + 9) = this;
*(void(TextHook::**)(DWORD))(common_hook + 14) = &TextHook::Send; *(void(TextHook::**)(DWORD))(common_hook + 14) = &TextHook::Send;
*(void**)(common_hook + 24) = original; *(void**)(common_hook + 24) = original;
memcpy(trampoline, common_hook, sizeof(common_hook)); memcpy(trampoline, common_hook, sizeof(common_hook));
#else // _WIN32
BYTE* original;
MH_CreateHook((void*)hp.address, (void*)trampoline, (void**)&original);
memcpy(trampoline, common_hook, sizeof(common_hook));
void* thisPtr = (void*)this;
memcpy(trampoline + 30, &thisPtr, sizeof(void*));
auto sendPtr = (void(TextHook::*)(void*))&TextHook::Send;
memcpy(trampoline + 46, &sendPtr, sizeof(sendPtr));
memcpy(trampoline + sizeof(common_hook) - 8, &original, sizeof(void*));
#endif // _WIN64
//BYTE* original; return MH_EnableHook((void*)hp.insertion_address) == MH_OK;
//MH_CreateHook((void*)hp.address, (void*)trampoline, (void**)&original);
//memcpy(trampoline, common_hook, sizeof(common_hook));
//void* thisPtr = (void*)this;
//memcpy(trampoline + 30, &thisPtr, sizeof(void*));
//auto sendPtr = (void(TextHook::*)(void*))&TextHook::Send;
//memcpy(trampoline + 46, &sendPtr, sizeof(sendPtr));
//memcpy(trampoline + sizeof(common_hook) - 8, &original, sizeof(void*));
if (MH_EnableHook((void*)hp.insertion_address) != MH_OK) return false;
return true;
} }
#endif // _WIN32 #endif // _WIN32
@ -249,10 +242,9 @@ DWORD WINAPI Reader(LPVOID hookPtr)
__try __try
{ {
const void* currentAddress = (void*)hook->hp.insertion_address; const void* currentAddress = (void*)hook->hp.insertion_address;
while (true) while (WaitForSingleObject(hook->readerEvent, 500) == WAIT_TIMEOUT)
{ {
if (hook->hp.type & DATA_INDIRECT) currentAddress = *((char**)hook->hp.insertion_address + hook->hp.index); if (hook->hp.type & DATA_INDIRECT) currentAddress = *((char**)hook->hp.insertion_address + hook->hp.index);
Sleep(500);
if (memcmp(buffer, currentAddress, dataLen + 1) == 0) if (memcmp(buffer, currentAddress, dataLen + 1) == 0)
{ {
changeCount = 0; changeCount = 0;
@ -261,6 +253,7 @@ DWORD WINAPI Reader(LPVOID hookPtr)
if (++changeCount > 10) if (++changeCount > 10)
{ {
ConsoleOutput(GARBAGE_MEMORY); ConsoleOutput(GARBAGE_MEMORY);
hook->Clear();
break; break;
} }
@ -276,27 +269,18 @@ DWORD WINAPI Reader(LPVOID hookPtr)
__except (EXCEPTION_EXECUTE_HANDLER) __except (EXCEPTION_EXECUTE_HANDLER)
{ {
ConsoleOutput("Textractor: Reader ERROR (likely an incorrect R-code)"); ConsoleOutput("Textractor: Reader ERROR (likely an incorrect R-code)");
hook->Clear();
} }
hook->ClearHook();
return 0; return 0;
} }
bool TextHook::InsertReadCode() bool TextHook::InsertReadCode()
{ {
//RemoveHook(hp.address); // Artikash 8/25/2018: clear existing readerThread = CreateThread(nullptr, 0, Reader, this, 0, nullptr);
readerHandle = CreateThread(nullptr, 0, Reader, this, 0, nullptr); readerEvent = CreateEventW(nullptr, FALSE, FALSE, NULL);
return true; return true;
} }
void TextHook::InitHook(HookParam h, LPCSTR name, DWORD set_flag)
{
LOCK(*sectionMutex);
hp = h;
hp.insertion_address = hp.address;
hp.type |= set_flag;
strcpy_s<HOOK_NAME_SIZE>(hookName, name);
}
void TextHook::RemoveHookCode() void TextHook::RemoveHookCode()
{ {
MH_DisableHook((void*)hp.insertion_address); MH_DisableHook((void*)hp.insertion_address);
@ -305,14 +289,16 @@ void TextHook::RemoveHookCode()
void TextHook::RemoveReadCode() void TextHook::RemoveReadCode()
{ {
TerminateThread(readerHandle, 0); SetEvent(readerEvent);
CloseHandle(readerHandle); if (GetThreadId(readerThread) != GetCurrentThreadId()) WaitForSingleObject(readerThread, 1000);
CloseHandle(readerEvent);
CloseHandle(readerThread);
} }
void TextHook::ClearHook() void TextHook::Clear()
{ {
LOCK(*sectionMutex); LOCK(*viewMutex);
ConsoleOutput((REMOVING_HOOK + std::string(hookName)).c_str()); ConsoleOutput(REMOVING_HOOK, hp.name);
if (hp.type & DIRECT_READ) RemoveReadCode(); if (hp.type & DIRECT_READ) RemoveReadCode();
else RemoveHookCode(); else RemoveHookCode();
NotifyHookRemove(hp.insertion_address); NotifyHookRemove(hp.insertion_address);
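Review bot: In `InsertReadCode`, `readerThread = CreateThread(nullptr, 0, Reader, this, 0, nullptr);` runs before `readerEvent = CreateEventW(nullptr, FALSE, FALSE, NULL);`, so the new thread can reach `WaitForSingleObject(hook->readerEvent, 500)` while `readerEvent` still holds whatever value it had; on an invalid handle that call returns `WAIT_FAILED`, which is not `WAIT_TIMEOUT`, so the loop exits at once and the hook silently never reads. Swap the two lines so the event exists before the thread that waits on it: `readerEvent = CreateEventW(nullptr, FALSE, FALSE, NULL);` then `readerThread = CreateThread(nullptr, 0, Reader, this, 0, nullptr);`. Relatedly, `RemoveReadCode` waits at most 1000 ms and then closes both handles regardless of the wait result; if the reader is still inside `memcmp` or `Send` at that point it keeps running against a `TextHook` the caller now treats as released, so the timeout branch deserves at least a log line and should not close `readerEvent` while the loop may still wait on it. Both functions are fully visible in this hunk; `Reader` itself starts before the hunk.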


@ -23,16 +23,15 @@ class TextHook
void RemoveHookCode(); void RemoveHookCode();
void RemoveReadCode(); void RemoveReadCode();
HANDLE readerThread, readerEvent;
BYTE trampoline[120];
public: public:
HookParam hp; HookParam hp;
char hookName[HOOK_NAME_SIZE];
BYTE trampoline[120];
HANDLE readerHandle;
bool InsertHook(); bool Insert(HookParam hp, DWORD set_flag);
void InitHook(HookParam hp, LPCSTR name, DWORD set_flag);
void Send(DWORD dwDataBase); void Send(DWORD dwDataBase);
void ClearHook(); void Clear();
friend DWORD WINAPI Reader(LPVOID hookPtr);
}; };
enum { MAX_HOOK = 300, HOOK_BUFFER_SIZE = MAX_HOOK * sizeof(TextHook), HOOK_SECTION_SIZE = HOOK_BUFFER_SIZE * 2 }; enum { MAX_HOOK = 300, HOOK_BUFFER_SIZE = MAX_HOOK * sizeof(TextHook), HOOK_SECTION_SIZE = HOOK_BUFFER_SIZE * 2 };
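Review bot: The declaration `bool Insert(HookParam hp, DWORD set_flag);` names its parameter `hp`, shadowing the public member `hp` declared just below it, while the definition in the third file uses `h`; `bool Insert(HookParam h, DWORD set_flag);` keeps declaration and definition in step and avoids the shadowing warning. The new private `HANDLE readerThread, readerEvent;` carry no initializer and no comment, yet `Clear()` closes both whenever `hp.type & DIRECT_READ` is set; a comment on the members such as `// valid only between InsertReadCode() and RemoveReadCode()` would make the lifetime explicit for the next reader. Whether an in-class `{}` initializer would actually run here depends on how the objects are placed into the section buffer sized by `HOOK_SECTION_SIZE`, which is not visible in this commit.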