Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 5 posts ] 
 Post subject: [jk3/jka] problem hooking a function
PostPosted: 05 Jun 2010 04:08 

Joined: 05 Jun 2010 04:01
Posts: 3
Code:
typedef void (*tCL_AddReliableCommand)(char *cmd, BOOL isDisconnectCmd);
tCL_AddReliableCommand mCL_AddReliableCommand;   /* trampoline back into the original */

/* cdecl hook: expects cmd and isDisconnectCmd to arrive on the stack */
void CL_AddReliableCommand(char *cmd, BOOL isDisconnectCmd)
{
   Com_Printf("[ %s ]\n", cmd);
   mCL_AddReliableCommand(cmd, isDisconnectCmd);
}

void sethooks(void)
{
   /* overwrite the entry of the real function at 0x41C6F0 with a JMP to the hook */
   mCL_AddReliableCommand = (tCL_AddReliableCommand) DetourCreate((void*)0x41C6F0, CL_AddReliableCommand, DETOUR_TYPE_JMP);
}

It prints random characters. I can make it work in jk2 but not jk3.
I'm pretty sure I have the right address..
Code:
.text:0041C6F0
.text:0041C6F0 ; =============== S U B R O U T I N E =======================================
.text:0041C6F0
.text:0041C6F0
.text:0041C6F0 CL_AddReliableCommand proc near         ; CODE XREF: sub_412160+4CCp
.text:0041C6F0                                         ; sub_41BA60+94p ...
.text:0041C6F0                 mov     eax, dword_9144F8
.text:0041C6F5                 push    esi
.text:0041C6F6                 mov     esi, dword_9144FC
.text:0041C6FC                 mov     ecx, eax
.text:0041C6FE                 sub     ecx, esi
.text:0041C700                 cmp     ecx, 80h
.text:0041C706                 jle     short loc_41C71C
.text:0041C706
.text:0041C708                 push    offset aClientCommandO ; "Client command overflow"
.text:0041C70D                 push    1
.text:0041C70F                 call    sub_437290
.text:0041C70F
.text:0041C714                 mov     eax, dword_9144F8
.text:0041C719                 add     esp, 8
.text:0041C719
.text:0041C71C
.text:0041C71C loc_41C71C:                             ; CODE XREF: CL_AddReliableCommand+16j
.text:0041C71C                 inc     eax
.text:0041C71D                 mov     dword_9144F8, eax
.text:0041C722                 and     eax, 7Fh
.text:0041C725                 shl     eax, 0Ah
.text:0041C728                 add     eax, offset dword_914500
.text:0041C72D                 mov     esi, eax
.text:0041C72F                 jnz     short loc_41C740
.text:0041C72F
.text:0041C731                 push    offset aQ_strncpyzNull ; "Q_strncpyz: NULL dest"
.text:0041C736                 push    0
.text:0041C738                 call    sub_437290
.text:0041C738
.text:0041C73D                 add     esp, 8
.text:0041C73D
.text:0041C740
.text:0041C740 loc_41C740:                             ; CODE XREF: CL_AddReliableCommand+3Fj
.text:0041C740                 test    edi, edi
.text:0041C742                 jnz     short loc_41C752
.text:0041C742
.text:0041C744                 push    offset aQ_strncpyzNu_0 ; "Q_strncpyz: NULL src"
.text:0041C749                 push    edi
.text:0041C74A                 call    sub_437290
.text:0041C74A
.text:0041C74F                 add     esp, 8
.text:0041C74F
.text:0041C752
.text:0041C752 loc_41C752:                             ; CODE XREF: CL_AddReliableCommand+52j
.text:0041C752                 push    3FFh
.text:0041C757                 push    edi
.text:0041C758                 push    esi
.text:0041C759                 call    sub_52A3C0
.text:0041C759
.text:0041C75E                 add     esp, 0Ch
.text:0041C761                 mov     byte ptr [esi+3FFh], 0
.text:0041C768                 pop     esi
.text:0041C769                 retn
.text:0041C769
.text:0041C769 CL_AddReliableCommand endp

What am I doing wrong?

Thanks.


 Post subject: Re: [jk3/jka] problem hooking a function
PostPosted: 06 Jun 2010 06:45 

Joined: 29 Dec 2007 13:54
Posts: 10
What you're doing wrong is that you're forgetting you're hooking a function which has been optimized by the compiler. The function gets its argument passed through the edi register rather than through the stack. As such, your hook does not get the arguments properly and screws up. The only way to make that hook work is if you write it in pure assembly.


 Post subject: Re: [jk3/jka] problem hooking a function
PostPosted: 06 Jun 2010 14:33 

Joined: 05 Jun 2010 04:01
Posts: 3
Haha, figured, guess I gotta learn more assembly now.

Thanks for the help. :)


 Post subject: Re: [jk3/jka] problem hooking a function
PostPosted: 06 Jun 2010 15:19 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
interesting to see these atypical calling conventions used for optimizing particular functions.
so basically you need to create only a simple wrapper composed of "pop esi; pop edi; call real_function", just some lines of assembly


 Post subject: Re: [jk3/jka] problem hooking a function
PostPosted: 09 Jun 2010 03:11 

Joined: 05 Jun 2010 04:01
Posts: 3
Okay so, which one has the string? edi? or esi? or both...?
What should I move the string into when I'm done modifying it?


EDIT:
Never mind, I figured it out.
Thanks.


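An assembly shim for the situation this thread describes (cmd arrives in edi, nothing on the stack, edi left untouched by the original), added here as a worked example; it is not code from the thread or from the game. The names hook_thunk, my_hook and orig_trampoline are assumed, as is the Win32 underscore symbol decoration, and the detour library is assumed to JMP from 0x41C6F0 to hook_thunk and to expose a trampoline that re-enters the original, like mCL_AddReliableCommand in the first post.

```nasm
; 32-bit x86, NASM syntax. Shim between CL_AddReliableCommand as compiled
; (cmd in edi, no stack arguments, edi preserved) and an ordinary cdecl C
; hook. Assumed C side (hypothetical names):
;
;   /* Log or rewrite the command; return the pointer to hand on to the
;      game (cmd itself, or a static buffer holding the modified string). */
;   const char *__cdecl my_hook(const char *cmd);
;
;   /* Set by the detour library: re-enters the original past the patched
;      JMP, exactly like mCL_AddReliableCommand in the first post. */
;   void *orig_trampoline;
;
; Leading underscores are the Win32 COFF decoration for cdecl symbols.

bits 32
global  _hook_thunk
extern  _my_hook
extern  _orig_trampoline

section .text
_hook_thunk:
    ; The detour's JMP at the function entry lands here: edi = cmd,
    ; [esp] = return address into the game's caller.
    push    edi                     ; cdecl: cmd becomes [esp+4] in my_hook
    call    _my_hook                ; eax = pointer to pass on
    add     esp, 4                  ; cdecl: caller pops its own argument
    ; my_hook must preserve edi (callee-saved under cdecl), so edi still
    ; holds the original cmd. The original never writes edi, so its callers
    ; may rely on it surviving the call: save it before substituting eax.
    push    edi
    mov     edi, eax                ; edi = string the original will copy
    call    dword [_orig_trampoline] ; original copies edi into its ring slot
    pop     edi
    ret                             ; back to the game's caller, stack balanced
    ; eax and ecx are clobbered by the original itself; if a caller turns
    ; out to depend on edx, save and restore it around my_hook as well.
```

In the disassembly above esi is only the destination slot the original computes for itself (the shl eax, 0Ah / add eax, offset dword_914500 sequence), so the string reaches the hook through edi alone.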