Timestamp:
Sep 18, 2010, 1:09:03 AM
Author:
Sam Hocevar
Message:

Add a few comments in the code for new Win32 strategies.

File:
1 edited

  • zzuf/trunk/src/myfork.c

    r4393 r4645  
    386386
    387387    /* Backup the old entry point code */
    388     ReadProcessMemory(process, epaddr, code + loaderlen,
    389                       jumperlen, &tmp);
     388    ReadProcessMemory(process, epaddr, code + loaderlen, jumperlen, &tmp);
    390389    if(tmp != jumperlen)
    391390        return -1;
     391
     392    /* XXX: at this point, the StarCraft 2 hack replaces the entry point
     393     * contents with a jump to self, then waits until the program counter
     394     * actually reaches the entry point. Not sure whether it is needed. */
    392395
    393396    /* FIXME: the GetProcAddress calls assume the library was loaded at
    394397     * the same address in the child process. This is wrong since Vista
    395      * and its address space randomisation. */
     398     * and its address space randomisation. The StarCraft 2 hack remotely
     399     * parses the target process's module list in order to find the
     400     * kernel32.dll address. Have a look at _RemoteGetProcAddress(). */
    396401    kernel32 = LoadLibrary("kernel32.dll");
    397402    if(!kernel32)
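
Review bot: The extended FIXME above the `LoadLibrary("kernel32.dll")` call points readers at `_RemoteGetProcAddress()`, but the visible lines do not say where that function lives or where "the StarCraft 2 hack" can be found, so the pointer cannot be followed from this file alone. Add a URL or file reference next to the name, or keep the one-line summary already in the comment (parse the target process's module list to find the kernel32.dll address) and drop the bare function name. The XXX comment after the `tmp != jumperlen` check has the same problem: "Not sure whether it is needed" would be more useful if it stated what is expected to fail when the wait on the entry point is skipped, so that someone can confirm or remove it. Separately, the rejoined `ReadProcessMemory(process, epaddr, code + loaderlen, jumperlen, &tmp);` line still discards the call's return value and relies only on `tmp != jumperlen`; testing the BOOL result as well would make the error path independent of whatever `tmp` holds before the call.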