Created
February 22, 2016 22:34
-
-
Save leegao/14833959e76bd559879d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Let's not mangle these names 0x0819ec3c | |
| extern "C" { | |
| #include <lua5.2/lua.h> | |
| #include <lua5.2/lauxlib.h> | |
| #include <sys/mman.h> | |
| #include <stdio.h> | |
| #include <limits.h> | |
| #ifndef PAGESIZE | |
| #define PAGESIZE 4096 | |
| #endif | |
| int redirect(void* from, void* to) { | |
| void* page_start = (void*) ((unsigned long) from & (~(PAGESIZE - 1))); | |
| if (mprotect( | |
| page_start, PAGESIZE, PROT_WRITE | PROT_READ | PROT_EXEC)) { | |
| perror("Couldn’t mprotect"); | |
| return -1; | |
| } | |
| char* bb = (char*) from; | |
| int i = 0; | |
| unsigned long long target = (unsigned long long) to; | |
| #define w bb[i++] = | |
| #define W(x) bb[i++] = (x) & 0xff; bb[i++] = ((x) & 0xff00)>>8; \ | |
| bb[i++] = ((x) & 0xff0000)>>16; bb[i++] = ((x) & 0xff000000)>>24 | |
| w 0x48; w 0xb8; | |
| W(target & 0xffffffff); | |
| W(target >> 32); // movabs $target, %rax | |
| w 0xff; w 0xe0; // jmp *%rax | |
| return 0; | |
| } | |
| int main() { | |
| // redirect((void*) lol, (void*) lua_pushboolean); | |
| // lol(0,0); | |
| // lua_pushboolean(0, 0); | |
| return 0; | |
| } | |
| int LUA_API luaopen_patch(lua_State *L) { | |
| return 0; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment