[Marineio]

Hey all, first post, hope I don't make an idiot of myself within 5 minutes of coming here.

I am trying to hook various class methods with SourceHook, of which I don't have an instance (CTFWeaponBase, CTFWeaponBaseMelee, CTFKnife, etc), and I'm starting to get confused beyond belief.

I've been thinking about creating class defs for the classes that don't have headers, etc, but still confused.

What are my options for this exactly?

[pRED*]

Sooo...

SourceHook hooks virtual functions by editing the virtual table index (its like an array of function pointers) to an internal function which calls all the required hooks and then calling the original function.

Every class has its own virtual table (assuming it has virtual functions) even if the contents are the same. So in this case every weapon type has its own vtable even though the CalcIsAttackCriticalHelper line will only ever point to one of three code functions.

To work out which line in the vtable needs to be changed to hook the function you can either provide SourceHook with a class definition which it uses to count, or use a manual hook and provide your own number.

SourceHook can do global hooks (where it fires the hook func everytime that vtable index gets called) or single hooks (where it only fires if the thisptr matches the one you created it with).

Assuming you want to hook the crit function for all possible guns in tf2 you need to setup a hook for every weapon class (every possible branch into one of those three crit functions). Yup, fun.
So you either need the instance pointer of every weapon that gets spawned or at least one instance pointer for every weapon type.

A hook on one of the CTFPlayer functions (like equip?) should be able to give you these pointers then you can add hooks.

Theres a script for ida in the sourcemod svn trunk/editor/ida that will dump a vtable layout similar to: http://wiki.alliedmods.net/CTFPlayer...am_Fortress_2) where the number is the windows offset and linux is +1.

The other option (and what I used in tf2 ext) is to use detouring (binary interception). This edits the assembly directly at the function so you only need 3 hooks and doesn't require an instance pointer. It does however need the void* to the address of the function in memory.

Links:
Windows Detours: http://research.microsoft.com/sn/detours/
My implementation (works on windows and linux but requires the sourcemod sdk - you could remove this easily enough): http://users.svn.alliedmods.net/view...est/?root=pred
Sig Scanning (finding the void* function addresses), bit old but still mostly valid especially bail's blog articles) : http://wiki.alliedmods.net/Signature_Scanning