Changeset 4649


Ignore:
Timestamp:
Sep 20, 2010 11:53:57 PM (4 years ago)
Author:
sam
Message:

Refactor the DLL initialisation code to allow several diversions.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • zzuf/trunk/src/libzzuf/sys.c

    r4648 r4649  
    3636
    3737#if defined HAVE_WINDOWS_H
    38 static void insert_func(void *, void *, void *);
     38static void insert_funcs(void *);
    3939
    4040/* TODO: get rid of this later */
     
    4343{
    4444    void *ret;
    45     fprintf(stderr, "If you see this message, DLL preloading worked\n");
     45    fprintf(stderr, "This is the diverted LoadLibraryA\n");
    4646    ret = LoadLibraryA_orig(path);
    47     fprintf(stderr, "If you see this message, function diversion worked\n");
     47    fprintf(stderr, "Now the real LoadLibraryA was called\n");
    4848    return ret;
    4949}
     
    5555    MEMORY_BASIC_INFORMATION mbi;
    5656    MODULEENTRY32 entry;
    57     void *list, *kernel32;
     57    void *list;
    5858    int k;
    59 
    60     kernel32 = GetModuleHandleA("kernel32.dll");
    61     LoadLibraryA_orig = (void *)GetProcAddress(kernel32, "LoadLibraryA");
    6259
    6360    VirtualQuery(_zz_sys_init, &mbi, sizeof(mbi));
     
    6966            continue; /* Don't replace our own functions */
    7067
    71         insert_func(entry.hModule, LoadLibraryA_orig, LoadLibraryA_new);
     68        insert_funcs(entry.hModule);
    7269    }
    7370    CloseHandle(list);
     
    7875
    7976#if defined HAVE_WINDOWS_H
    80 static void insert_func(void *module, void *old, void *new)
     77static void insert_funcs(void *module)
    8178{
     79    struct { char const *lib, *name; void **old; void *new; }
     80    diversions[] =
     81    {
     82        { "kernel32.dll", "LoadLibraryA", &LoadLibraryA_orig, LoadLibraryA_new },
     83    };
     84
    8285    unsigned long dummy;
    8386    import_t import;
    8487    thunk_t thunk;
    85     int j, i;
     88    int k, j, i;
    8689
    8790    import = (import_t)
     
    9194        return;
    9295
    93     for(j = 0; import[j].Name; j++)
     96    for (k = 0; k < sizeof(diversions) / sizeof(*diversions); k++)
    9497    {
    95         char *name = (char *)module + import[j].Name;
    96         if(lstrcmpiA(name, "kernel32.dll") != 0)
    97             continue;
     98        void *lib = GetModuleHandleA(diversions[k].lib);
     99        *diversions[k].old = (void *)GetProcAddress(lib, diversions[k].name);
    98100
    99         thunk = (thunk_t)((char *)module + import->FirstThunk);
    100         for(i = 0; thunk[i].u1.Function; i++)
     101        for(j = 0; import[j].Name; j++)
    101102        {
    102             void **func = (void **)&thunk[i].u1.Function;
    103             if(*func != old)
     103            char *name = (char *)module + import[j].Name;
     104            if(lstrcmpiA(name, diversions[k].lib) != 0)
    104105                continue;
    105106
    106             /* FIXME: The StarCraft 2 hack uses two methods for function
    107              * diversion. See HookSsdt() and HookHotPatch(). */
    108             VirtualProtect(func, sizeof(func), PAGE_EXECUTE_READWRITE, &dummy);
    109             WriteProcessMemory(GetCurrentProcess(), func, &new,
    110                                sizeof(new), NULL);
    111             return;
     107            thunk = (thunk_t)((char *)module + import->FirstThunk);
     108            for(i = 0; thunk[i].u1.Function; i++)
     109            {
     110                void **func = (void **)&thunk[i].u1.Function;
     111                if(*func != *diversions[k].old)
     112                    continue;
     113
     114                /* FIXME: The StarCraft 2 hack uses two methods for function
     115                 * diversion. See HookSsdt() and HookHotPatch(). */
     116                VirtualProtect(func, sizeof(func), PAGE_EXECUTE_READWRITE, &dummy);
     117                WriteProcessMemory(GetCurrentProcess(), func, &diversions[k].new,
     118                                   sizeof(diversions[k].new), NULL);
     119            }
    112120        }
    113121    }
Note: See TracChangeset for help on using the changeset viewer.