From 29e411f9b9c44cd8c7749e76165e85425d9eead1 Mon Sep 17 00:00:00 2001 From: Kevin Trocolli Date: Sun, 10 Dec 2023 18:47:39 -0500 Subject: [PATCH] bump new capnhook version with builtin procaddr hooks --- hooklib/meson.build | 2 - hooklib/procaddr.c | 127 -------------------------------------- hooklib/procaddr.h | 19 ------ subprojects/capnhook.wrap | 2 +- 4 files changed, 1 insertion(+), 149 deletions(-) delete mode 100644 hooklib/procaddr.c delete mode 100644 hooklib/procaddr.h diff --git a/hooklib/meson.build b/hooklib/meson.build index a286d3e..47c4cab 100644 --- a/hooklib/meson.build +++ b/hooklib/meson.build @@ -21,8 +21,6 @@ hooklib_lib = static_library( 'fdshark.h', 'path.c', 'path.h', - 'procaddr.c', - 'procaddr.h', 'reg.c', 'reg.h', 'setupapi.c', diff --git a/hooklib/procaddr.c b/hooklib/procaddr.c deleted file mode 100644 index 6eb7858..0000000 --- a/hooklib/procaddr.c +++ /dev/null @@ -1,127 +0,0 @@ -#include -#include -#include -#include - -#include "hooklib/procaddr.h" - -#include "hook/table.h" - -#include "util/dprintf.h" - -static struct proc_addr_table *proc_addr_hook_list; -static size_t proc_addr_hook_count; -static CRITICAL_SECTION proc_addr_hook_lock; -static bool proc_addr_hook_initted; - -static FARPROC WINAPI my_GetProcAddress(HMODULE hModule, const char *name); -static FARPROC (WINAPI *next_GetProcAddress)(HMODULE hModule, const char *name); -static void proc_addr_hook_init(); - -static const struct hook_symbol win32_hooks[] = { - { - .name = "GetProcAddress", - .patch = my_GetProcAddress, - .link = (void **) &next_GetProcAddress - } -}; - -HRESULT proc_addr_table_push( - HMODULE loader_mod, - const char *target, - struct hook_symbol *syms, - size_t nsyms -) -{ - HRESULT hr; - struct proc_addr_table *new_item; - struct proc_addr_table *new_mem; - - proc_addr_hook_init(); - - hook_table_apply( - loader_mod, - "kernel32.dll", - win32_hooks, - _countof(win32_hooks)); - - EnterCriticalSection(&proc_addr_hook_lock); - - new_mem = realloc( - proc_addr_hook_list, - (proc_addr_hook_count + 1) * sizeof(struct proc_addr_table)); - - if (new_mem == NULL) { - hr = E_OUTOFMEMORY; - - LeaveCriticalSection(&proc_addr_hook_lock); - return hr; - } - - new_item = &new_mem[proc_addr_hook_count]; - new_item->name = target; - new_item->nsyms = nsyms; - new_item->syms = syms; - - proc_addr_hook_list = new_mem; - proc_addr_hook_count++; - hr = S_OK; - - LeaveCriticalSection(&proc_addr_hook_lock); - - return hr; -} - -static void proc_addr_hook_init(void) -{ - if (proc_addr_hook_initted) { - return; - } - - dprintf("ProcAddr: Hook init\n"); - proc_addr_hook_initted = true; - - InitializeCriticalSection(&proc_addr_hook_lock); -} - -FARPROC WINAPI my_GetProcAddress(HMODULE hModule, const char *name) -{ - uintptr_t ordinal = (uintptr_t) name; - char mod_path[PATH_MAX]; - char *mod_name; - const struct hook_symbol *sym; - FARPROC result = next_GetProcAddress(hModule, name); - - GetModuleFileNameA(hModule, mod_path, PATH_MAX); - mod_name = basename(mod_path); - - for (int i = 0; i < proc_addr_hook_count; i++) { - - if (strcmp(proc_addr_hook_list[i].name, mod_name) == 0) { - - // dprintf("ProcAddr: Looking for %s from %s\n", name, mod_name); - for (int j = 0; j < proc_addr_hook_list[i].nsyms; j++) { - sym = &proc_addr_hook_list[i].syms[j]; - - if (ordinal > 0xFFFF) { - - if (strcmp(sym->name, name) == 0) { - - dprintf("ProcAddr: Hooking %s from %s\n", name, mod_name); - result = (FARPROC) sym->patch; - } - } - - else { - if (sym->ordinal == ordinal) { - - dprintf("ProcAddr: Hooking Ord %p from %s\n", (void *)ordinal, mod_name); - result = (FARPROC) sym->patch; - } - } - } - } - } - - return result; -} \ No newline at end of file diff --git a/hooklib/procaddr.h b/hooklib/procaddr.h deleted file mode 100644 index 24514f8..0000000 --- a/hooklib/procaddr.h +++ /dev/null @@ -1,19 +0,0 @@ -#pragma once -#include -#include -#include - -#include "hook/table.h" - -struct proc_addr_table { - const char *name; - size_t nsyms; - struct hook_symbol *syms; -}; - -HRESULT proc_addr_table_push( - HMODULE loader_mod, - const char *target, - struct hook_symbol *syms, - size_t nsyms -); diff --git a/subprojects/capnhook.wrap b/subprojects/capnhook.wrap index 2f42bff..f874fd4 100644 --- a/subprojects/capnhook.wrap +++ b/subprojects/capnhook.wrap @@ -1,4 +1,4 @@ [wrap-git] directory = capnhook url = https://github.com/Hay1tsme/capnhook -revision = 888d068d58e68cf702e0cee872959a71413a7b55 \ No newline at end of file +revision = aaeed259951eb95d10a4334e8bef55a3e6ea9c91 \ No newline at end of file