Hooking/Detour Virtual Functions

跟風遠走 submitted on 2020-01-05 18:25:02

Question


I've been trying to properly hook/detour a virtual function in a class object, and I've had success in terms of having a different function called, but I must be doing something that's incorrect in terms of how the this keyword is passed to the function.

I read an article about hooking D3D functions in a similar fashion, and it mentioned that the compiler will turn a function such as int Class::method(int) into int method(Class* this, int), but if I replace the address in the vtable with a function that is defined as such, the address for 'this' is incorrect, so that's probably not right.

How are member functions laid out by the compiler, and is it possible to represent it in non-member-function form so that I can set the address in the vtable to such a function and be able to refer to the appropriate object?


Answer 1:


You need to define your function as thiscall. It passes this on the ecx register. The way you've done it, the function was expecting this on the stack and reading the wrong value which probably belonged to another argument.
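
The calling-convention point from the answer, as an added example that is not part of the original question or answer: a replacement function whose signature matches how the compiler passes `this`, installed through a per-object copy of the vtable and chaining to the original. `Widget`, `hooked_method`, `install_hook`, `call_virtual` and the macros are hypothetical names; the use of `__fastcall` with a dummy EDX parameter on 32-bit MSVC, and the shadow-table approach instead of patching the shared vtable, are choices made for this example. It relies on compiler ABI behaviour rather than standard C++.

```cpp
#include <cstdio>
#include <cstring>
// 32-bit MSVC members are __thiscall: this in ECX, other args on the stack. A
// free __fastcall function with a dummy EDX parameter matches that layout.
#if defined(_MSC_VER) && defined(_M_IX86)
#define HOOK_CC __fastcall
#define EDX_PARAM , void*
#define EDX_ARG , nullptr
#else            // x64 and Itanium ABIs: this is the first ordinary argument
#define HOOK_CC
#define EDX_PARAM
#define EDX_ARG
#endif

struct Widget {                                     // hypothetical demo class
    int base = 10;
    virtual int method(int x) { return base + x; }  // vtable slot 0
    virtual int other() { return -base; }           // vtable slot 1
};

typedef int (HOOK_CC *MethodFn)(Widget* self EDX_PARAM, int x);
static MethodFn g_original = nullptr;
static Widget* g_last_this = nullptr;
static void* g_shadow[2];                           // private copy of both slots
static int HOOK_CC hooked_method(Widget* self EDX_PARAM, int x) {
    g_last_this = self;          // equals the object only if the convention matches
    return g_original(self EDX_ARG, x) + 100;
}

// Assumes the vptr is the object's first word (MSVC and Itanium, single
// inheritance). The copy has no RTTI header: no typeid/dynamic_cast afterwards.
void install_hook(Widget* obj) {
    if (g_original) return;      // a second install would chain the hook to itself
    void** vtable;
    std::memcpy(&vtable, static_cast<void*>(obj), sizeof vtable);
    std::memcpy(g_shadow, vtable, sizeof g_shadow);
    g_original = reinterpret_cast<MethodFn>(g_shadow[0]);
    g_shadow[0] = reinterpret_cast<void*>(&hooked_method);
    void** shadow = g_shadow;
    std::memcpy(static_cast<void*>(obj), &shadow, sizeof shadow);
}

// The volatile pointer forces a real vtable dispatch (no devirtualisation).
int call_virtual(Widget* w, int x) { Widget* volatile p = w; return p->method(x); }
int main() {
    Widget w;
    install_hook(&w);
    std::printf("%d this_ok=%d\n", call_virtual(&w, 5), g_last_this == &w);
}
```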



Source: https://stackoverflow.com/questions/7376897/hooking-detour-virtual-functions
