Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
I'm trying to get the address of a function from its caller function, to set up a detour for it. It looks like this:
CNMRiH_GameRules::CleanAndResetMap(void) + E4 == call CEventQueue::Clear(void)
Both are non-virtual, so I'm using DHooks with Experimental Dynamic Detours. I set up my gamedata to look like this:
https://crash.limetech.org/sselqyxocfdi https://crash.limetech.org/zltfxqe7oabw
Am I doing something wrong here? The signature is confirmed valid. Thanks
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
https://wiki.alliedmods.net/SDKTools...ddress_lookups
Edit: Location in sourcemod code where this is done: https://github.com/alliedmodders/sou...pp#L1031#L1047
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
Thank you, I've fixed that together with a wrong offset calculation (now 244 instead of 228).
Unfortunately, it's still crashing, now on sourcemod.logic.dll!CGameConfig::GetAddress instead: https://crash.limetech.org/hhvmep4pdgdl I'm not sure what's up with that. The offset is definitely correct this time: https://i.imgur.com/L6dWmQu.png
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
Any chance you can send the IDB?
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
Re: Crash on DHook detouring
Thanks for the hints so far
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
Marking as solved, as I managed to get my hands on a unique signature for the target function (thanks Ryan!). This approach is no longer needed.
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)
I was wrong in my earlier reply. A read entry and an offset entry are equivalent.
Though you found an alternate solution, in case someone happens to want the info: if you have a signature for a function, and 0xF4 bytes into that function is a call instruction, then addressOf(sig) + 0xF4 does not hold the target of the call. First, there's an 0xE8 for call's opcode, then a relative offset for the target. It's relative to the next instruction. So, the offset is at addressOf(sig) + 0xF5. You'd have to get what's at that address (you could use a "read" "0" like Benoist said) and add it to addressOf(sig) + 0xF4 + 0x5. The 0x5 is because the call instruction is 5 bytes long, so that's the address of the next instruction.
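The arithmetic from the reply above, as an added example that is not code from the thread or from SourceMod: it resolves the target of a 5-byte x86 `call rel32` sitting 0xF4 bytes into a function. The function bytes, the load address 0x10001000 and the target 0x10000500 are constructed sample values, and the function body is NOP filler standing in for the real code.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CALL_OFFSET 0xF4u  /* 244, the offset the thread settled on */

/* Resolve the target of a `call rel32` (opcode 0xE8) found at call_offset
 * bytes into a function that is loaded at func_addr (32-bit x86 addressing).
 * Returns 0 if the byte at that offset is not a call opcode, so a wrong
 * offset is reported instead of silently producing a bogus address. */
uint32_t resolve_call_target(const uint8_t *func, uint32_t func_addr, size_t call_offset) {
    if (func[call_offset] != 0xE8)
        return 0;
    /* This is the 4-byte read at addressOf(sig) + 0xF5 (gamedata "read" "0"),
     * assembled little-endian so the result does not depend on host endianness. */
    const uint8_t *p = func + call_offset + 1;
    uint32_t rel = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                   ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    /* rel32 is relative to the next instruction: call is 5 bytes long. */
    uint32_t next_insn = func_addr + (uint32_t)call_offset + 5;
    return next_insn + rel;  /* unsigned wrap-around handles negative rel32 */
}

/* Constructed sample function: NOP filler, then `call -0xBF9` at +0xF4. */
static uint8_t sample_func[CALL_OFFSET + 5];

static void build_sample(void) {
    memset(sample_func, 0x90, CALL_OFFSET);
    const uint8_t call[5] = {0xE8, 0x07, 0xF4, 0xFF, 0xFF}; /* rel32 = 0xFFFFF407 */
    memcpy(sample_func + CALL_OFFSET, call, sizeof call);
}

/* With the function at 0x10001000: next instruction is 0x100010F9, and
 * 0x100010F9 - 0xBF9 = 0x10000500, the constructed callee address. */
uint32_t demo_target(void) {
    build_sample();
    return resolve_call_target(sample_func, 0x10001000u, CALL_OFFSET);
}

int main(void) {
    printf("call target: 0x%08X\n", demo_target());
    return 0;
}
```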
Re: Crash on DHook detouring
Glad you solved it :)
Re: Crash on DHook detouring (dhooks.ext.dll + 0xc3e0)