0
使用Microsoft Detours時出現訪問衝突時遇到問題。我製作了一個加載到第三方應用程序的dll。我正在使用走彎路一個未公開的函數國際開發協會專業顯示爲trampiline功能:使用Microsoft Detours時出現訪問衝突
void __thiscall sub_6142E0(int a2, int a3)
我的代碼如下所示: 的#include 「stdafx.h中」 的#include 的#include
typedef void(__stdcall* pFunc)(int d1, int d2);
pFunc FuncToDetour = (pFunc)(0x6142EC);
void MyFunc(int d1, int d2)//Function does not mach call convension __thiscall. Possible problem?
{
printf("a2 %i, a1 %i);\n", d1, d2);
FuncToDetour(d1, d2);
}
void Init()
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)FuncToDetour, MyFunc);
DetourTransactionCommit();
}
我想攔截功能的原裝配是這樣的:
sub_6142E0 proc near
arg_0= dword ptr 8
arg_4= dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ecx+8]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
的變化彎路做的結果是:
.text:006142EC jmp near ptr unk_F9C6802
...
d3d9.dll:0F9C6802 jmp near ptr unk_F9D5FE0 //jump to function in my dll
...
void MyFunc(int d1, int d2)//my function
{
printf("updateHealth(%i, %i);\n", d1, d2);
}
...
Stack[00004A8C]:0019FB4C sub ah, bh
Stack[00004A8C]:0019FB4E sbb [eax], eax //eax=0x491B -> access violation
Stack[00004A8C]:0019FB50 cmc
Stack[00004A8C]:0019FB51 inc si
Stack[00004A8C]:0019FB53 add [eax], dl
Stack[00004A8C]:0019FB55 add [eax], eax
Stack[00004A8C]:0019FB57 add [eax+80019FDh], cl
Stack[00004A8C]:0019FB5D add byte_19FC6415[eax], dh
Stack[00004A8C]:0019FB5D ; -------------------------------------------------
該錯誤消息我得到的是:
The instruction 0x19FB4E referenced memory at 0x491B. The memory could not be written -> 0000491B (exc.code c0000005, tid 19084)