Closed 7 years ago.
Just for the fun of it, I am trying to make a simple detouring library that will detour member functions by modifying the vtable of the class to create a detour. I am getting some odd behaviour. Here is the entire program (I am using MSVC++ 2010):
fixed
It's jmp-ing to the address of the new function correctly, but it crashes after that. When I watch it in ollydbg to see why it's crashing, something very strange happens. It will walk right over some instructions without doing anything. Where I see a push xxx in the debugger, the stack will not be modified. Where I see a retn 4 the thing will just keep going, into the space between functions, filled with int 3s. Does anyone have any idea why this is happening?
EDIT: Nevermind, I found the answer.
Found the problem. Turns out you have to subtract 5 from the address to calculate it correctly, since it's the relative address not from the end of the instruction but from the beginning.
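As an added illustration of the answer above (this is not the asker's program, and the addresses are constructed for the example): a near jmp is encoded as opcode E9 followed by a 32-bit displacement, and that displacement is measured from the address of the instruction that follows the jmp, i.e. from the patch address plus 5. The helper below encodes the five bytes, decodes them back to check the arithmetic, and rejects targets more than 2 GiB away, which is the case that silently breaks on 64-bit address spaces.

```c
#include <stdint.h>
#include <stdio.h>

/* A near relative jmp is opcode E9 plus a signed 32-bit displacement. */
#define JMP_REL32_LEN 5

/* Encode "jmp to" at address `from`. The displacement is relative to the
 * end of the 5-byte instruction (from + 5), hence the "subtract 5".
 * Returns 0 on success, -1 if `to` is outside the +/-2 GiB reach of rel32.
 * Addresses are uint64_t so the example behaves the same on x86 and x64. */
int encode_jmp_rel32(uint64_t from, uint64_t to, uint8_t out[JMP_REL32_LEN])
{
    /* unsigned wraparound, then reinterpret as signed: correct for any pair
     * of addresses that are within 2^63 of each other */
    int64_t disp = (int64_t)(to - (from + JMP_REL32_LEN));
    if (disp < INT32_MIN || disp > INT32_MAX)
        return -1;
    uint32_t rel = (uint32_t)(int32_t)disp;   /* two's complement bit pattern */
    out[0] = 0xE9;
    out[1] = (uint8_t)(rel & 0xFF);           /* little-endian immediate */
    out[2] = (uint8_t)((rel >> 8) & 0xFF);
    out[3] = (uint8_t)((rel >> 16) & 0xFF);
    out[4] = (uint8_t)((rel >> 24) & 0xFF);
    return 0;
}

/* Inverse: given the 5 bytes located at `at`, compute where the jmp lands.
 * Returns -1 if the bytes are not an E9 jmp. */
int decode_jmp_rel32(uint64_t at, const uint8_t in[JMP_REL32_LEN], uint64_t *target)
{
    if (in[0] != 0xE9)
        return -1;
    uint32_t rel = (uint32_t)in[1] | ((uint32_t)in[2] << 8) |
                   ((uint32_t)in[3] << 16) | ((uint32_t)in[4] << 24);
    /* sign-extend the 32-bit displacement, add to the next-instruction address */
    *target = at + JMP_REL32_LEN + (uint64_t)(int64_t)(int32_t)rel;
    return 0;
}

/* Encode then decode; 1 if the round trip lands exactly on `to`. */
int roundtrip_ok(uint64_t from, uint64_t to)
{
    uint8_t b[JMP_REL32_LEN];
    uint64_t back;
    if (encode_jmp_rel32(from, to, b) != 0)
        return 0;
    if (decode_jmp_rel32(from, b, &back) != 0)
        return 0;
    return back == to;
}

int main(void)
{
    /* constructed addresses, typical of a 32-bit image base */
    uint64_t from = 0x00401000ULL, to = 0x00402000ULL;
    uint8_t b[JMP_REL32_LEN];
    if (encode_jmp_rel32(from, to, b) == 0) {
        printf("jmp at %#llx -> %#llx: E9 %02X %02X %02X %02X (round trip %s)\n",
               (unsigned long long)from, (unsigned long long)to,
               b[1], b[2], b[3], b[4], roundtrip_ok(from, to) ? "ok" : "FAILED");
    }
    return 0;
}
```

Forgetting the +5 produces a displacement that is five bytes short, so the CPU lands five bytes before the intended function and executes whatever padding or instruction tail sits there, which matches the "walking over instructions" the asker saw in the debugger.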
For MSVC, Microsoft Research has a library called "Detours": http://research.microsoft.com/en-us/projects/detours/ You may want to use it since it is already available, and I think the 32-bit version is free.