[DarthMan]

I want to hook CBasePlayer::ObserverStart with Orpheu, since Okapi is having some issues especially on Linux and with virtual functions mostly, so I don't wanna use it at all anymore, as my server eprforms much betetr since I got rid of it.

Plugin test:

PHP Code:

#include <amxmodx>
#include <orpheu>

new const g_szPluginName[] = "Observer Spectator Test";
new const g_szPluginVersion[] = "1.0";
new const g_szPluginAuthor[] = "DarthMan";

new OrpheuFunction: g_hFuncStartObserver;
new OrpheuHook: g_hStartObserver;
const OrpheuInvalidHook = OrpheuHook: 0;

#define PLUGIN_NAME g_szPluginName
#define PLUGIN_VERSION g_szPluginVersion
#define PLUGIN_AUTHOR g_szPluginAuthor

public plugin_init()
{
    register_plugin(PLUGIN_NAME, PLUGIN_VERSION, PLUGIN_AUTHOR);

    RegisterForward();
}

public plugin_precache()
{
    g_hFuncStartObserver = OrpheuGetFunction("StartObserver", "CBasePlayer");
}

RegisterForward()
{
    if(g_hFuncStartObserver != OrpheuInvalidFunction)
    {
        if(g_hStartObserver == OrpheuInvalidHook)
        {
            g_hStartObserver = OrpheuRegisterHook(g_hFuncStartObserver, "OnPlayerSpectate_Post", OrpheuHookPost);
        }
    }
}

UnregisterForward()
{
    if(g_hStartObserver != OrpheuInvalidHook)
    {
        OrpheuUnregisterHook(g_hStartObserver);
    }
}

public plugin_unpause()
{
    RegisterForward();
}

public plugin_pause()
{
    UnregisterForward();
}

public plugin_end()
{
    UnregisterForward();
}

public OnPlayerSpectate_Post(const iID)
{
    new szPlayerName[32];

    get_user_name(iID, szPlayerName, charsmax(szPlayerName));

    server_print("%s joined team 'SPECTATORS'.", szPlayerName);

    new iPlayers[32], iPlayer, iNum;

    get_players(iPlayers, iNum);

    if(iNum > 1)
    {
        for(new i = 0; i < iNum; i++)
        {
            iPlayer = iPlayers[i];

            if(iPlayer != iID)
            {
                client_print(iPlayer, print_chat, "* %s joined team 'SPECTATORS'.", szPlayerName);
            }
        }
    }
} 


Signature file:

PHP Code:

{ 
    "name" : "StartObserver", 
    "class" : "CBasePlayer",
    "library" : "mod", 
    "arguments" : 
    [ 
        { 
            "type" : "Vector"
        },
        { 
            "type" : "Vector"
        }
    ], 
    "identifiers" :
    [
        {
            "os" : "windows",
            "mod" : "tfc",
            "value" : [0x53,0x56,0x8B,"*",0x57,0x33,"*",0x8B,"*","*",0x57,0x83,"*","*",0x50,0x6A]
        },
        {
            "os" : "linux",
            "mod" : "tfc",
            "value" : "_ZN11CBasePlayer13StartObserverE6VectorS0_"
        }
    ]
    
} 


The funcion has Params as Vectos as args as per HLSDK. So, is there a way I can hook it with Orpheu?

[HamletEagle]

Nope, orpheu doesn't like Vector. Only Vector* IIRC.
You could try changing vector to float, float, float and see if it's passed properly.

[DarthMan]

Quote:

Originally Posted by HamletEagle Nope, orpheu doesn't like Vector. Only Vector* IIRC. You could try changing vector to float, float, float and see if it's passed properly.

I was aware that Orpheu doesn't support Vector, but I was thinking that I could maybe trick Orpheu into successfully parsing the function if no arguments are specified, both on the file and on the plug-in. But it turns out that even with the arguments removed from the file, it still can't parse it. The 6x float did the trick, the function is successfully parsed now, the values are correct. But from my point of view, it's not the most reliable method, and for the functions that return Vector, it's impossible. But Okapi is ot an option for me, it gives plenty of segmentation faults, only on Linux.

[HamletEagle]

I know about okapi, I was the one who reported it years ago. If you don't want to use the float, float, float trick then I'm afraid there's nothing else to be done.

[DarthMan]

Quote:

Originally Posted by HamletEagle I know about okapi, I was the one who reported it years ago. If you don't want to use the float, float, float trick then I'm afraid there's nothing else to be done.

Rage is another possibillity, but unfortunately, Rage doesn't work either. When I make a handler, no plug-in is needed, the server simply crashes when Rage is trying to read it. Same thing happens with any handler provided on AlliedModders.

[Shooting King]

Quote:

Originally Posted by DarthMan I was aware that Orpheu doesn't support Vector, but I was thinking that I could maybe trick Orpheu into successfully parsing the function if no arguments are specified, both on the file and on the plug-in. But it turns out that even with the arguments removed from the file, it still can't parse it. The 6x float did the trick, the function is successfully parsed now, the values are correct. But from my point of view, it's not the most reliable method, and for the functions that return Vector, it's impossible. But Okapi is ot an option for me, it gives plenty of segmentation faults, only on Linux.

Yes just replace a Vector with 3x Float (for 3D Vecs and 2x Float in 2D Vecs). HL1 Vectors are different from C++ vectors, These are simply 3 Floats tied to some methods. (3D Vecs and 2D Vects, HLSDK:vec_t#L27, HLSDK:Vector2D#L33, HLSDK:Vector3D#L70), in Sig file and Forward Header.

Orpheu actually implements Vector Handlers (apart from Vec* Handler) from the start. And Sig scanning dosent really care about the funtion params. But it is the Orpheu which requires the Params types so that it,
1. Can interpret and convert OriginalFunc Args to AMX Cells, what it actual got from memory (Function::Call()#L208 [TypeHandler::ConvertToAMX]).
2. If the Original Call is not superceded, call the OriginalFuntion after pushing actual arguments onto stack (Function::callOriginal()#L284)

Interpretation of memory is already taken care of by Orpheu:TypeHandlers. The problem with Vector is that we have to push sizeof(Float)*3 (*3 in-case of 3D, *2 in-case of 2D) on to stack Function::CallOriginal(). On the other hand, Vector* (or any <Class>*), only pointer which is of constant size need to be pushed onto stack before Calling OriginalFunc(CBasePlayer::StartObserver in this case).

So Orpheu is only designed to push pointers or any vars with size < sizeof(long*) (4 Bytes) per argument onto stack before calling OriginalFunc. So as a hack to the hacker, just say to Orpheu that there are 3 Float (or 2 Float for Vec2D) instead of one Vector Argument in Sig file. Now orpheu in CallOrigical() will keep pushing sizeof(Float)x3 bytes onto stack thinking there are 3 arguments to the OriginalFunc, which is really what we need

This workaround should work for all nonStd nonPointer Class object arguments (having said that their interpretation type handlers are implemented), since in memory 3xFloats and Vector3D are same. I don't think this is any less reliable. And about returning a NonStd Type, more info is required : ) Actually editing Orpheu to directly support nonStd Classes is not that hard but, since we have a busy(lazy) maintainer for Orpheu and AMXX and the official feature frozen state, the changes would not make their way into a release, and would not help the greater purpose of this community.