Hook/Detour 虚拟函数
我一直在尝试正确地挂钩/绕行类对象中的虚拟函数,并且在调用不同的函数方面取得了成功,但就 this 的方式而言,我必须做一些不正确的事情 关键字被传递给函数。
我读过一篇关于以类似方式挂钩 D3D 函数的文章,其中提到编译器会将诸如 int Class::method(int) 之类的函数转换为 int method(Class* this , int),但是如果我用这样定义的函数替换 vtable 中的地址,则“this”的地址不正确,因此这可能不正确。
编译器如何布置成员函数,是否可以以非成员函数形式表示它,以便我可以将 vtable 中的地址设置为这样的函数并能够引用适当的对象?
I've been trying to properly hook/detour a virtual function in a class object, and I've had success in terms of having a different function called, but I must be doing something that's incorrect in terms of how the this keyword is passed to the function.
I read an article about hooking D3D functions in a similar fashion, and it mentioned that the compiler will turn a function such as int Class::method(int) into int method(Class* this, int), but if I replace the address in the vtable with a function that is defined as such, the address for 'this' is incorrect, so that's probably not right.
How are member functions laid out by the compiler, and is it possible to represent it in non-member-function form so that I can set the address in the vtable to such a function and be able to refer to the appropriate object?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您需要将函数定义为 此调用。它将
this传递到ecx寄存器上。按照您的方式,该函数期望在堆栈上出现this并读取可能属于另一个参数的错误值。You need to define your function as thiscall. It passes
thison theecxregister. The way you've done it, the function was expectingthison the stack and reading the wrong value which probably belonged to another argument.