orisano · October 31, 2017 00:24
diff --git a/decahook.h b/decahook.h
 /**
  decahook.h
  easy function hooking macros for DECAF.
  support to stdcall only.
  Copyright (c) 2016 Nao Yonashiro

  This software is released under the MIT License.
  http://opensource.org/licenses/mit-license.php
 */
 #ifndef DECAHOOK_H
 #define DECAHOOK_H

 #include "cpu-all.h"            // for cpu_single_env
 #include "cpu.h"                // for R_ESP
 #include "shared/DECAF_main.h"  // for DECAF_read_mem, DECAF_write_mem
 #include "shared/DECAF_types.h" // for gva_t, DECAF_Handle, DECAF_NULL_HANDLE
 #include "shared/hookapi.h" // for hookapi_remove_hook, hookapi_hook_return, hookapi_hook_function_byname
 #include <stdlib.h> // for malloc, free, size_t

 #define DECAHOOK_DEFINE(fn, args, hook_call, hook_ret)                         \
  struct fn##_context_t {                                                      \
    gva_t ret_addr;                                                            \
    struct args arguments;                                                     \
    DECAF_Handle hook_handle;                                                  \
  };                                                                           \
  static void fn##_ret(void *params) {                                         \
    fn##_context_t *ctx = (fn##_context_t *)params;                            \
    hook_ret;                                                                  \
    hookapi_remove_hook(ctx->hook_handle);                                     \
    free(ctx);                                                                 \
  }                                                                            \
  static void fn##_call(void *) {                                              \
    const size_t ctx_size = sizeof(fn##_context_t);                            \
    const size_t handle_size = sizeof(DECAF_Handle);                           \
    const gva_t esp = cpu_single_env->regs[R_ESP];                             \
    fn##_context_t *ctx = (fn##_context_t *)malloc(ctx_size);                  \
    if (ctx == NULL)                                                           \
      return;                                                                  \
    DECAF_read_mem(NULL, esp, ctx_size - handle_size, ctx);                    \
    hook_call;                                                                 \
    ctx->hook_handle =                                                         \
        hookapi_hook_return(ctx->ret_addr, fn##_ret, ctx, ctx_size);           \
    DECAF_write_mem(NULL, esp, ctx_size - handle_size, ctx);                   \
  }                                                                            \
  static DECAF_Handle fn##_handle = DECAF_NULL_HANDLE

 #define DECAHOOK_REGISTER(fn, module, cr3)                                     \
  fn##_handle =                                                                \
      hookapi_hook_function_byname(module, #fn, 1, cr3, fn##_call, NULL, 0)

 #define DECAHOOK_AW(M, fn, ...)                                                \
  M(fn##A, __VA_ARGS__);                                                       \
  M(fn##W, __VA_ARGS__)
 #define DECAHOOK_DEFINE_AW(...) DECAHOOK_AW(DECAHOOK_DEFINE, __VA_ARGS__)
 #define DECAHOOK_REGISTER_AW(...) DECAHOOK_AW(DECAHOOK_REGISTER, __VA_ARGS__)

 #endif // DECAHOOK_H
	/**
	decahook.h
	easy function hooking macros for DECAF.
	support to stdcall only.
	Copyright (c) 2016 Nao Yonashiro

	This software is released under the MIT License.
	http://opensource.org/licenses/mit-license.php
	*/
	#ifndef DECAHOOK_H
	#define DECAHOOK_H

	#include "cpu-all.h" // for cpu_single_env
	#include "cpu.h" // for R_ESP
	#include "shared/DECAF_main.h" // for DECAF_read_mem, DECAF_write_mem
	#include "shared/DECAF_types.h" // for gva_t, DECAF_Handle, DECAF_NULL_HANDLE
	#include "shared/hookapi.h" // for hookapi_remove_hook, hookapi_hook_return, hookapi_hook_function_byname
	#include <stdlib.h> // for malloc, free, size_t

	#define DECAHOOK_DEFINE(fn, args, hook_call, hook_ret) \
	struct fn##_context_t { \
	gva_t ret_addr; \
	struct args arguments; \
	DECAF_Handle hook_handle; \
	}; \
	static void fn##_ret(void *params) { \
	fn##_context_t ctx = (fn##_context_t )params; \
	hook_ret; \
	hookapi_remove_hook(ctx->hook_handle); \
	free(ctx); \
	} \
	static void fn##_call(void *) { \
	const size_t ctx_size = sizeof(fn##_context_t); \
	const size_t handle_size = sizeof(DECAF_Handle); \
	const gva_t esp = cpu_single_env->regs[R_ESP]; \
	fn##_context_t ctx = (fn##_context_t )malloc(ctx_size); \
	if (ctx == NULL) \
	return; \
	DECAF_read_mem(NULL, esp, ctx_size - handle_size, ctx); \
	hook_call; \
	ctx->hook_handle = \
	hookapi_hook_return(ctx->ret_addr, fn##_ret, ctx, ctx_size); \
	DECAF_write_mem(NULL, esp, ctx_size - handle_size, ctx); \
	} \
	static DECAF_Handle fn##_handle = DECAF_NULL_HANDLE

	#define DECAHOOK_REGISTER(fn, module, cr3) \
	fn##_handle = \
	hookapi_hook_function_byname(module, #fn, 1, cr3, fn##_call, NULL, 0)

	#define DECAHOOK_AW(M, fn, ...) \
	M(fn##A, __VA_ARGS__); \
	M(fn##W, __VA_ARGS__)
	#define DECAHOOK_DEFINE_AW(...) DECAHOOK_AW(DECAHOOK_DEFINE, __VA_ARGS__)
	#define DECAHOOK_REGISTER_AW(...) DECAHOOK_AW(DECAHOOK_REGISTER, __VA_ARGS__)

	#endif // DECAHOOK_H
No results found